GDAL up to and including 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osgeo gdal |
||
oracle spatial and graph 19c |
||
oracle spatial and graph 12.2.0.1 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |
||
opensuse leap 15.1 |
||
opensuse backports sle 15.0 |