Jody

**Name of the Vulnerable Software and Affected Versions** GeoServer 2 (affected versions not specified) **Description** The issue is related to insufficient input validation in the java.lang.Runtime.getRuntime().exec function of the GeoServer software, which can allow remote attackers to execute arbitrary code. This has been exploited in the wild in June 2023. The vendor states that they are unable to reproduce this in any version. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.