129 matches found
The vulnerability of the ST_AsX3D function in the PostgreSQL PostGIS geographic object processing module allows a attacker to cause a service failure.
The vulnerability of the STAsX3D function in the PostgreSQL PostGIS geographic object processing module is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to cause service failures...
Mageia: Security Advisory (MGASA-2015-0207)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2857-2] postgis regression update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2857-2 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 29, 2021 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DLA-2857-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-2857-2 postgis - regression update
Bulletin has no description...
DLA-2857-1 postgis - security update
Bulletin has no description...
[SECURITY] [DLA 2857-1] postgis security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2857-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 28, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2857-1 : postgis - LTS security update
"The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2857 advisory. - PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnorma...
postgis:wkb_import_fuzzer: Crash in double_from_wkb_state
Project: https://git.osgeo.org/gitea/postgis/postgis.git Detailed Report: https://oss-fuzz.com/testcase?key=5764682215849984 Project: postgis Fuzzing Engine: libFuzzer Fuzz Target: wkbimportfuzzer Job Type: libfuzzerubsanpostgis Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...
postgis:wkb_import_fuzzer: Heap-buffer-overflow in integer_from_wkb_state
Project: https://git.osgeo.org/gitea/postgis/postgis.git Detailed Report: https://oss-fuzz.com/testcase?key=5760493611909120 Project: postgis Fuzzing Engine: libFuzzer Fuzz Target: wkbimportfuzzer Job Type: libfuzzerasanpostgis Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash...
postgis:wkb_import_fuzzer: Heap-buffer-overflow in byte_from_wkb_state
Project: https://git.osgeo.org/gitea/postgis/postgis.git Detailed Report: https://oss-fuzz.com/testcase?key=5686969597689856 Project: postgis Fuzzing Engine: afl Fuzz Target: wkbimportfuzzer Job Type: aflasanpostgis Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...
Debian DLA-1653-1 : postgis security update
It was found that the function STAsX3D in PostGIS, a module that adds spatial objects to the PostgreSQL object-relational database, did not handle empty values properly, allowing malicious users to cause denial of service or possibly other unspecified behaviour. For Debian 8 'Jessie', this proble...
[SECURITY] [DLA 1653-1] postgis security update
Package : postgis Version : 2.1.4+dfsg-3+deb8u1 CVE ID : CVE-2017-18359 It was found that the function STAsX3D in PostGIS, a module that adds spatial objects to the PostgreSQL object-relational database, did not handle empty values properly, allowing malicious users to cause denial of service or...
Debian: Security Advisory (DLA-1653-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-1653-1 postgis - security update
Bulletin has no description...
Input validation
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...
CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...
CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...
UBUNTU-CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...
CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...