GeoServer CVE-2025-58175

Severity: MEDIUM (6.5, CVSS 3.1, GitHub Advisory)
Weakness: Improper Input Validation (CWE-20)
Date: 2026-06-12
Repository: https://github.com/geoserver/geoserver
Advisory: GHSA-x4r9-gmw3-hxww

Severity by source

GitHub Advisory (primary): 6.5 MEDIUM
  CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

vuln.today AI: 6.5 MEDIUM
  AC:H reflects the specific proxy base URL misconfiguration prerequisite; PR:N is confirmed by unauthenticated exploitation; no integrity impact, as the SSRF is read-only.
  CVSS 3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
  CVSS 4.0: AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

Primary rating from GitHub Advisory.

CVSS Vector (GitHub Advisory)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: Low

Lifecycle Timeline

Jun 12, 2026 - 18:51 (vuln.today): Source Code Evidence Fetched
Jun 12, 2026 - 18:51 (vuln.today): Analysis Generated

Description (GitHub Advisory)

Summary

A GeoServer that uses ENTITY_RESOLUTION_ALLOWLIST may allow an attacker to perform unauthenticated Server-Side Request Forgery (SSRF).

Details

This vulnerability requires that GeoServer is set up to use a proxy base URL and the ENTITY_RESOLUTION_ALLOWLIST (default since 2.25.0).

Impact

This vulnerability allows an attacker to cause GeoServer to make requests to an unintended location.

Workaround

GeoServer installations are only affected by this vulnerability if they use a proxy base URL that does not contain a URL path or end with a slash (e.g., https://somesite.org instead of https://somesite.org/ or https://somesite.org/geoserver). If the proxy base URL does not contain a path, adding a slash to the end of the URL will mitigate this vulnerability.

Resources

https://osgeo-org.atlassian.net/browse/GEOS-11867
https://github.com/geoserver/geoserver/pull/8622

Credits:

  • Le Mau Anh Phong at Verichains Cyber Force

Analysis (AI)

Server-Side Request Forgery in GeoServer's XML entity resolution allows unauthenticated remote attackers to cause the server to issue HTTP requests to unintended internal or external endpoints. Affected are GeoServer deployments running versions up to 2.26.3, or 2.27.0 through 2.27.2, that have both a proxy base URL configured without a trailing slash and ENTITY_RESOLUTION_ALLOWLIST active, the default since 2.25.0. No public exploit or CISA KEV listing exists at the time of analysis, but the CVSS vector records high confidentiality impact, making this a meaningful risk for deployments where GeoServer has network adjacency to internal services or cloud metadata endpoints.

Technical Context (AI)

GeoServer's AllowListEntityResolver (org.geoserver.util.AllowListEntityResolver in gs-main) controls which external XML entities can be resolved during document parsing. Since version 2.25.0, ENTITY_RESOLUTION_ALLOWLIST has been the default mechanism restricting entity URIs. The resolver performs a prefix match between an incoming entity URI and the configured proxy base URL to determine whether resolution is permitted. CWE-20 (Improper Input Validation) identifies the root cause: when the proxy base URL lacks a trailing slash or path segment (e.g., https://somesite.org), nothing in the prefix marks where the host name ends, so a crafted URI such as https://somesite.org.attacker.com/ satisfies the startsWith() check and bypasses the allowlist. The fix in PR #8622 replaces the naive lowercase startsWith check with a proper urlStartsWith method that enforces URL boundary semantics, adds URI normalization to block percent-encoded bypass sequences (CWE-20 mitigations), and introduces a new ENTITY_RESOLUTION_UNRESTRICTED_INTERNAL property for internal jar/vfs schema handling. Affected Maven packages are pkg:maven/org.geoserver:gs-main and pkg:maven/org.geoserver.web:gs-web-app.
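The prefix-boundary flaw described above and the trailing-slash workaround from the Remediation section, as an added illustration that is not GeoServer's code (Python stands in for the Java resolver): naive_allowed models the pre-fix lowercase prefix match as the advisory describes it, boundary_allowed is a hypothetical boundary-aware check in the spirit of urlStartsWith (exact scheme/host/port match, percent-decoding and path normalization, then a '/'-anchored path prefix), and base_url_needs_trailing_slash flags a configured proxy base URL that has no path component at all.

```python
import posixpath
from urllib.parse import urlsplit, unquote


def naive_allowed(entity_uri: str, proxy_base_url: str) -> bool:
    """Pre-fix behaviour as the advisory describes it: a plain lowercase prefix match."""
    return entity_uri.lower().startswith(proxy_base_url.lower())


def _normalised_path(path: str) -> str:
    """Decode percent-encoding, then collapse '.' and '..' segments so an encoded
    traversal such as '/geoserver/%2e%2e/admin' is compared as '/admin'."""
    decoded = unquote(path or "/")
    norm = posixpath.normpath(decoded)
    return norm + "/" if decoded.endswith("/") and not norm.endswith("/") else norm


def boundary_allowed(entity_uri: str, proxy_base_url: str) -> bool:
    """Hypothetical boundary-aware check (not GeoServer's urlStartsWith): scheme, host
    and port must match exactly, and the candidate path must be the base path itself
    or lie below it on a '/' boundary. Default ports are deliberately not normalised."""
    base, cand = urlsplit(proxy_base_url), urlsplit(entity_uri)
    try:
        ports_equal = cand.port == base.port  # both None when no explicit port
    except ValueError:  # malformed port in one of the URLs
        return False
    if not ports_equal or cand.scheme.lower() != base.scheme.lower():
        return False
    if (cand.hostname or "").lower() != (base.hostname or "").lower():
        # Host compared as a whole, so somesite.org.attacker.com never matches somesite.org
        return False
    base_dir = _normalised_path(base.path).rstrip("/") + "/"
    cand_path = _normalised_path(cand.path)
    return cand_path == base_dir.rstrip("/") or cand_path.startswith(base_dir)


def base_url_needs_trailing_slash(proxy_base_url: str) -> bool:
    """Configuration check for the documented workaround: True when the proxy base
    URL carries no path, i.e. it neither ends with '/' nor names a path segment."""
    return urlsplit(proxy_base_url).path == ""
```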

Remediation (AI)

The vendor-released patch is available in GeoServer 2.26.4 (for 2.26.x branch users) and 2.27.3 (for 2.27.x branch users), as confirmed by the GHSA advisory and Maven package metadata. Operators should upgrade to the appropriate patched release via the GeoServer download page or by updating the Maven dependency. If an immediate upgrade is not feasible, the vendor has documented a zero-cost workaround: append a trailing slash or a path segment to the proxy base URL in GeoServer's global settings (e.g., change https://somesite.org to https://somesite.org/ or https://somesite.org/geoserver). This configuration change has no functional side effects and eliminates the prefix-boundary bypass. Installations that have not configured a proxy base URL are not affected by this vulnerability. The patch PR is available at https://github.com/geoserver/geoserver/pull/8622 and the advisory at https://github.com/geoserver/geoserver/security/advisories/GHSA-x4r9-gmw3-hxww.
