2 matches found
Double Free
Overview Affected versions of this package are vulnerable to Double Free in the split function in contrib/shpsort.c. This could allow information exposure or code execution via manipulation of malloc. Remediation Upgrade shapelib to version 1.6.0 or higher. References - GitHub Commit - GitHub Iss...
PT-2021-7465
Name of the Vulnerable Software and Affected Versions shapelib versions 1.5.0 and older Description The issue is related to a double-free condition in the shapelib library, specifically in the contrib/shpsort.c file. This condition may allow a remote attacker to cause a denial of service or have...