Oracle » Spatial And Graph » 19c: Security Vulnerabilities, CVEs
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
Max CVSS: 5.5 | EPSS Score: 0.14% | Published: 2022-01-01 | Updated: 2022-11-04
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack, which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1.
Max CVSS: 4.3 | EPSS Score: 0.19% | Published: 2020-04-27 | Updated: 2022-05-12
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
Max CVSS: 9.8 | EPSS Score: 1.09% | Published: 2019-10-14 | Updated: 2022-10-27
3 vulnerabilities found