osgeo mapserver vulnerabilities and exploits
5
CVSSv2
CVE-2021-32062
MapServer prior to 7.0.8, 7.1.x and 7.2.x prior to 7.2.3, 7.3.x and 7.4.x prior to 7.4.5, and 7.5.x and 7.6.x prior to 7.6.3 does not properly enforce the MS_MAP_NO_PATH and MS_MAP_PATTERN restrictions that are intended to control the locations from which a mapfile may be loaded ...
Osgeo Mapserver
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2010-1678
MapServer 5.2, 5.4 and 5.6 prior to 5.6.5-2 improperly validates symbol index values during Mapfile parsing.
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.4.0
Osgeo Mapserver
7.5
CVSSv2
CVE-2017-5522
Stack-based buffer overflow in MapServer prior to 6.0.6, 6.2.x prior to 6.2.4, 6.4.x prior to 6.4.5, and 7.0.x prior to 7.0.4 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests.
Debian Debian Linux 8.0
Osgeo Mapserver 7.0.0
Osgeo Mapserver 6.4.1
Osgeo Mapserver 6.4.2
Osgeo Mapserver 6.4.3
Osgeo Mapserver 6.2.0
Osgeo Mapserver
Osgeo Mapserver 7.0.3
Osgeo Mapserver 6.4.4
Osgeo Mapserver 6.4.0
Osgeo Mapserver 7.0.1
Osgeo Mapserver 6.2.1
Osgeo Mapserver 6.2.2
Osgeo Mapserver 6.2.3
Osgeo Mapserver 7.0.2
5
CVSSv2
CVE-2016-9839
In MapServer prior to 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.
Osgeo Mapserver
6.8
CVSSv2
CVE-2013-7262
SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer prior to 6.4.1, when a WMS-Time service is used, allows remote malicious users to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter.
Osgeo Mapserver 6.2.1
Umn Mapserver 6.0.0
Umn Mapserver 5.2.3
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.10.4
Osgeo Mapserver 4.6.0
Osgeo Mapserver 4.8.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 5.2.1
Osgeo Mapserver 5.4.0
Osgeo Mapserver 5.4.2
Osgeo Mapserver 6.2.0
Osgeo Mapserver 6.0.3
Osgeo Mapserver 6.0.2
Osgeo Mapserver 6.0.1
Osgeo Mapserver 4.10.5
Osgeo Mapserver 4.2.0
Osgeo Mapserver 4.4.0
Osgeo Mapserver 4.10.0
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.6.1
Osgeo Mapserver 5.6.3
6.8
CVSSv2
CVE-2011-2975
Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer prior to 6.0.1 might allow remote malicious users to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.
Osgeo Mapserver 5.0.0
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.2.1
Osgeo Mapserver 4.10.0
Osgeo Mapserver 5.4.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.10.3
Osgeo Mapserver 4.8.0
Osgeo Mapserver 5.6.0
Osgeo Mapserver 4.2.0
Umn Mapserver 5.6.4
Umn Mapserver 5.6.5
Umn Mapserver 5.6.6
Osgeo Mapserver
Osgeo Mapserver 5.4.1
Osgeo Mapserver 4.4.0
Osgeo Mapserver 4.6.0
Umn Mapserver 6.0.0
Osgeo Mapserver 5.4.2
Osgeo Mapserver 5.6.3
Umn Mapserver 5.2.2
Umn Mapserver 5.6.7
1 EDB exploit
7.5
CVSSv2
CVE-2011-2704
Stack-based buffer overflow in MapServer prior to 4.10.7 and 5.x prior to 5.6.7 allows remote malicious users to execute arbitrary code via vectors related to OGC filter encoding.
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.8.0
Osgeo Mapserver 4.4.0
Osgeo Mapserver 4.6.0
Osgeo Mapserver 4.10.5
Osgeo Mapserver 4.10.4
Osgeo Mapserver 4.2.0
Osgeo Mapserver
Osgeo Mapserver 4.10.3
Osgeo Mapserver 4.10.1
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 5.4.2
Osgeo Mapserver 5.4.0
Osgeo Mapserver 5.6.0
Umn Mapserver 5.2.3
Osgeo Mapserver 5.2.1
Osgeo Mapserver 5.4.1
Umn Mapserver 5.6.4
Umn Mapserver 5.6.5
Umn Mapserver 5.6.6
7.5
CVSSv2
CVE-2011-2703
Multiple SQL injection vulnerabilities in MapServer prior to 4.10.7, 5.x prior to 5.6.7, and 6.x prior to 6.0.1 allow remote malicious users to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support.
Osgeo Mapserver 4.10.3
Osgeo Mapserver 4.10.1
Osgeo Mapserver 4.8.0
Osgeo Mapserver 4.6.0
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.4.0
Osgeo Mapserver 4.10.5
Osgeo Mapserver 4.10.4
Osgeo Mapserver 4.2.0
Osgeo Mapserver
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 5.4.0
Osgeo Mapserver 5.6.1
Osgeo Mapserver 5.6.3
Osgeo Mapserver 5.4.2
Osgeo Mapserver 5.6.0
Umn Mapserver 5.2.3
Osgeo Mapserver 5.2.1
Osgeo Mapserver 5.4.1
Umn Mapserver 5.6.4
2.1
CVSSv2
CVE-2010-2539
Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer prior to 4.10.6 and 5.x prior to 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files.
Osgeo Mapserver 4.10.1
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.8.0
Osgeo Mapserver 4.6.0
Osgeo Mapserver 4.4.0
Osgeo Mapserver
Osgeo Mapserver 4.10.4
Osgeo Mapserver 4.2.0
Umn Mapserver 4.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.10.3
Osgeo Mapserver 5.2.1
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 5.4.0
Osgeo Mapserver 5.4.1
Osgeo Mapserver 5.4.2
Osgeo Mapserver 5.6.1
Osgeo Mapserver 5.6.0
10
CVSSv2
CVE-2010-2540
mapserv.c in mapserv in MapServer prior to 4.10.6 and 5.x prior to 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote malicious users to have an unspecified impact via crafted arguments.
Osgeo Mapserver 4.10.4
Osgeo Mapserver
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.6.0
Umn Mapserver 4.0
Osgeo Mapserver 4.10.3
Osgeo Mapserver 4.10.1
Osgeo Mapserver 4.8.0
Osgeo Mapserver 4.4.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.2.0
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 5.4.0
Osgeo Mapserver 5.6.0
Osgeo Mapserver 5.4.2
Osgeo Mapserver 5.6.1
Osgeo Mapserver 5.2.1
Osgeo Mapserver 5.4.1