gdal 3.5.3 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the gdal package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Denial of Service (DoS) GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library. Affected versions of this package are vulnerable to Denial of Service (DoS) via the `GMLASReader` class due to improper entity expansion restrictions. Exploiting this vulnerability is possible when parsing specially crafted XML files with recursive entity definitions. How to fix Denial of Service (DoS)? Upgrade `GDAL` to version 3.9.3 or higher.	[,3.9.3)
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS) via the `GMLASReader` class due to improper entity expansion restrictions. Exploiting this vulnerability is possible when parsing specially crafted XML files with recursive entity definitions. How to fix Denial of Service (DoS)? Upgrade `gdal` to version 3.9.3 or higher.	[,3.9.3)
M Denial of Service (DoS) GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library. Affected versions of this package are vulnerable to Denial of Service (DoS) when processing an index `.idx` file with sub-messages with GRIB2 files. How to fix Denial of Service (DoS)? Upgrade `GDAL` to version 3.6.0 or higher.	[,3.6.0)

Vulnerability

Vulnerable Version

Denial of Service (DoS)

GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library.

Affected versions of this package are vulnerable to Denial of Service (DoS) via the GMLASReader class due to improper entity expansion restrictions. Exploiting this vulnerability is possible when parsing specially crafted XML files with recursive entity definitions.

How to fix Denial of Service (DoS)?

Upgrade GDAL to version 3.9.3 or higher.

[,3.9.3)

Denial of Service (DoS)

How to fix Denial of Service (DoS)?

Upgrade gdal to version 3.9.3 or higher.

[,3.9.3)

Denial of Service (DoS)

GDAL is a number of tools for programming and manipulating the GDAL Geospatial Data Abstraction Library.

Affected versions of this package are vulnerable to Denial of Service (DoS) when processing an index .idx file with sub-messages with GRIB2 files.

How to fix Denial of Service (DoS)?

Upgrade GDAL to version 3.6.0 or higher.

[,3.6.0)

gdal@3.5.3 vulnerabilities

GDAL: Geospatial Data Abstraction Library

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically