PostGIS 2.x prior to 2.3.3, as used with PostgreSQL, allows remote malicious users to cause a denial of service via crafted ST_AsX3D function input, as demonstrated by an abnormal server termination for "SELECT ST_AsX3D('LINESTRING EMPTY');" because empty geometries are mishandled.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postgis postgis |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |