diff --git a/docs/advisories/20240924002-GeoServer-Critical-Vulnerability.md b/docs/advisories/20240924002-GeoServer-Critical-Vulnerability.md
index 097f1c96..9e099eb0 100644
--- a/docs/advisories/20240924002-GeoServer-Critical-Vulnerability.md
+++ b/docs/advisories/20240924002-GeoServer-Critical-Vulnerability.md
@@ -6,9 +6,10 @@ The WA SOC has been made aware of vulnerability in GeoServer that allows Remote
## What is vulnerable?
-| Product(s) Affected | Version(s) | CVE # | CVSS v4/v3 | Severity |
-| ------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- | ---------- | -------- |
-| Geoserver | geoserver versions \< 2.23.6
geoserver versions >= 2.24.0, \< 2.24.4
geoserver versions >= 2.25.0, \< 2.25.2 | [CVE-2024-36401](https://nvd.nist.gov/vuln/detail/CVE-2024-36401) | 9.8 | Critical |
+| Product(s) Affected | Version(s) | CVE # | CVSS v4/v3 | Severity |
+| --- | ---- | --- | --- | -- |
+| Geoserver | all versions < 2.23.6
2.24.0 < 2.24.4
2.25.0 < 2.25.2 | [CVE-2024-36401](https://nvd.nist.gov/vuln/detail/CVE-2024-36401) | 9.8 | Critical |
+| GeoTools | all versions < 29.6
30.0 < 30.4
31.0 < 31.2 | [CVE-2024-36404](https://nvd.nist.gov/vuln/detail/CVE-2024-36404) | 9.8 | Critical |
## What has been observed?
@@ -18,6 +19,8 @@ There is no evidence of exploitation affecting Western Australian Government net
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
+- GeoServer advisory:
+
## Additional References
- The Hacker News: