oracle

spatial_and_graph

3 known vulnerabilities · sorted by CVSS score

CVE-2019-17545

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

osgeo / gdal+9

Network

Published Oct 14, 2019

CVE-2021-45943

MEDIUM5.5

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).

osgeo / gdal+7

Local

Published Jan 1, 2022

CVE-2020-9488

LOW3.7

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1

oracle / insurance_rules_palette+100

Network

Published Apr 27, 2020