Homepage
About Snyk

gdal@3.1.0 vulnerabilities

GDAL: Geospatial Data Abstraction Library

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the gdal package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Denial of Service (DoS)

GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library.

Affected versions of this package are vulnerable to Denial of Service (DoS) when processing an index .idx file with sub-messages with GRIB2 files.

How to fix Denial of Service (DoS)?

Upgrade GDAL to version 3.6.0 or higher.

[,3.6.0)
  • H
Out-of-bounds Read

GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library.

Affected versions of this package are vulnerable to Out-of-bounds Read due to an insecure memory allocation in the CPLRecodeFromWCharIconV function.

How to fix Out-of-bounds Read?

Upgrade GDAL to version 3.4.3 or higher.

[,3.4.3)
Go back to all versions of this package