VulnerableCode Package Details - pkg:pypi/geonode@2.0b11

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/geonode@2.0b11

Essentials
History (1)

purl	pkg:pypi/geonode@2.0b11

Next non-vulnerable version	4.4.5
Latest non-vulnerable version	5.0.2
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-kvfp-4b99-7ufe Aliases: CVE-2023-26043 GHSA-mcmc-c59m-pqq8 PYSEC-2023-15	GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version 4.0.3.	4.0.3 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:18:24.633233+00:00	Pypa Importer	Affected by	VCID-kvfp-4b99-7ufe	https://github.com/pypa/advisory-database/blob/main/vulns/geonode/PYSEC-2023-15.yaml	38.6.0