Vulnerability	Vulnerable Version
H Denial of Service (DoS) GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library. Affected versions of this package are vulnerable to Denial of Service (DoS) via the `GMLASReader` class due to improper entity expansion restrictions. Exploiting this vulnerability is possible when parsing specially crafted XML files with recursive entity definitions. How to fix Denial of Service (DoS)? Upgrade `GDAL` to version 3.9.3 or higher.	[,3.9.3)
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS) via the `GMLASReader` class due to improper entity expansion restrictions. Exploiting this vulnerability is possible when parsing specially crafted XML files with recursive entity definitions. How to fix Denial of Service (DoS)? Upgrade `gdal` to version 3.9.3 or higher.	[,3.9.3)
M Denial of Service (DoS) GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library. Affected versions of this package are vulnerable to Denial of Service (DoS) when processing an index `.idx` file with sub-messages with GRIB2 files. How to fix Denial of Service (DoS)? Upgrade `GDAL` to version 3.6.0 or higher.	[,3.6.0)
H Out-of-bounds Read GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library. Affected versions of this package are vulnerable to Out-of-bounds Read due to an insecure memory allocation in the `CPLRecodeFromWCharIconV` function. How to fix Out-of-bounds Read? Upgrade `GDAL` to version 3.4.3 or higher.	[,3.4.3)

Go back to all versions of this package