Latest version: v3.10.2
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| PVE-2024-74054 | 74054 |
Affected versions of GDAL's GMLAS driver are vulnerable to XML Entity… |
|
- | - |
| CVE-2023-45853 | 62283 |
Gdal 3.8.0 backports a security fix for CVE-2023-45853: MiniZip in zl… |
|
CRITICAL | 9.8 |
| PVE-2022-51832 | 51832 |
Gdal 3.6.0 fixes a crash and invalid metadata when processing index .… |
|
- | - |
| PVE-2022-48545 | 48545 |
Gdal 3.5.0 fixes an out of bounds read in CPLRecodeFromWCharIconV(). … |
|
- | - |
| CVE-2019-25050 | 42369 |
Gdal 3.4.0 includes a fix for its C dependency 'netcdf': A stack read… |
|
HIGH | 7.8 |
| PVE-2023-61143 | 61143 |
Gdal 3.4.0 requires versions of libgdal 3.4.0 or greater, that includ… |
|
- | - |
| CVE-2021-45943 | 70734 |
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::… |
|
MEDIUM | 5.5 |
| PVE-2021-42370 | 42370 |
Gdal 3.1.0 includes multiple security related fixes detected by OSS-F… |
|
HIDDEN | X.Y |
| CVE-2019-17545 | 65842 |
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc i… |
|
CRITICAL | 9.8 |
| PVE-2021-42371 | 42371 |
Gdal 2.3.0 includes more than 1000 fixes for issues/vulnerabilities f… |
|
HIDDEN | X.Y |
| CVE-2006-2314 | 42372 |
Gdal 2.3.0 drops support for PostgreSQL client library older than 7.4… |
|
HIGH | 7.5 |
| CVE-2006-2313 | 45575 |
Gdal 2.3.0 drops support for PostgreSQL client library older than 7.4… |
|
HIGH | 7.5 |
| CVE-2013-6629 | 42374 |
Gdal 1.11.0 applies a patch for CVE-2013-6629 in the JPEG driver. |
|
MEDIUM | 5.0 |
| PVE-2021-42376 | 42376 |
Gdal 1.11.0 switches http to https for the oauth2 link to improve sec… |
|
HIDDEN | X.Y |
| PVE-2021-42375 | 42375 |
Gdal 1.10.0 fixes various vulnerabilities/DoS in the GXF driver. ht… |
|
HIDDEN | X.Y |
| PVE-2024-99784 | 66045 |
GDAL before is vulnerable to a Denial of Service (DoS) attack via the… |
|
- | - |