Osgeo

Gdal

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.1%
  • Veröffentlicht 27.05.2026 01:39:18
  • Zuletzt bearbeitet 04.06.2026 16:12:47

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker e...

Exploit
  • EPSS 0.26%
  • Veröffentlicht 09.05.2026 23:00:17
  • Zuletzt bearbeitet 19.05.2026 19:58:24

A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based buffer overflow. An att...

Exploit
  • EPSS 0.21%
  • Veröffentlicht 09.05.2026 22:30:12
  • Zuletzt bearbeitet 19.05.2026 20:01:14

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local acces...

Exploit
  • EPSS 0.25%
  • Veröffentlicht 07.05.2026 19:30:11
  • Zuletzt bearbeitet 08.05.2026 20:11:23

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally....

Exploit
  • EPSS 0.22%
  • Veröffentlicht 07.05.2026 19:00:15
  • Zuletzt bearbeitet 08.05.2026 19:03:09

A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack...

Exploit
  • EPSS 0.24%
  • Veröffentlicht 07.05.2026 18:45:13
  • Zuletzt bearbeitet 08.05.2026 19:04:48

A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be...

Exploit
  • EPSS 0.26%
  • Veröffentlicht 07.05.2026 18:30:13
  • Zuletzt bearbeitet 08.05.2026 20:11:59

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack...

  • EPSS 0.28%
  • Veröffentlicht 24.03.2026 03:18:10
  • Zuletzt bearbeitet 24.03.2026 15:53:48

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/contrib/infback9 modules). This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0.

Exploit
  • EPSS 0.21%
  • Veröffentlicht 07.04.2025 00:00:00
  • Zuletzt bearbeitet 23.07.2025 15:15:30

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced.

Exploit
  • EPSS 1.49%
  • Veröffentlicht 01.01.2022 01:15:09
  • Zuletzt bearbeitet 21.11.2024 06:33:19

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).