[SECURITY] [DLA 4523-1] python-geopandas security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4523-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb April 21, 2026 https://wiki.debian.org/LTS -...

Debian dla-4523 : python3-geopandas - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4523 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4523-1 [email protected] https://www.debian.org/lts/security/...

Debian: Security Advisory (DLA-4523-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-8083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : GeoPandas vulnerability (USN-8083-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has a package installed that is affected by a vulnerability as referenced in the USN-8083-1 advisory. It was discovered that GeoPandas incorrectly handled certain input. An attacker could possibly use this issue to perform SQL injection attacks...

USN-8083-1: GeoPandas vulnerability

It was discovered that GeoPandas incorrectly handled certain input. An attacker could possibly use this issue to perform SQL injection attacks...

USN-8083-1 python-geopandas vulnerability

It was discovered that GeoPandas incorrectly handled certain input. An attacker could possibly use this issue to perform SQL injection attacks...

SUSE CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

Linux Distros Unpatched Vulnerability : CVE-2025-69662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write...

acs-nativity (>=0.1.0 <=0.1.4), aiearth-predict (>=0.0.1 <=0.0.2) +184 more potentially affected by CVE-2025-69662 via geopandas (>=1.0.0 <=1.1.1)

geopandas PYPI version =1.0.0, =0.1.0, =0.0.1, =0.8.3.dev267297206, =1.1.8, =0.0.10, =0.11.0, =2.1.0, =0.1.0, =0.1.0, =0.12.0, =1.0.0, =1.1.0 and more Source cves: CVE-2025-69662 Source advisory: SNYK:PYTHON-GEOPANDAS-15170839...

SQL Injection

Overview geopandas is a Geographic pandas extensions Affected versions of this package are vulnerable to SQL Injection in the topostgis function, which can be injected into via the geomname parameter to renamegeometry. An attacker can execute malicious SQL and retrieve the database server version...

acs-nativity (>=0.1.0 <=0.1.4), aiearth-predict (>=0.0.1 <=0.0.2) +276 more potentially affected by CVE-2025-69662 via geopandas (>=0.2.1 <=1.1.1)

geopandas PYPI version =0.2.1, =0.1.0, =0.0.1, =0.1.0, =0.8.3.dev267297206, =0.1.1, =0.2.0, =0.0.3, =1.1.8, =0.0.24, =0.0.10, =0.11.0, =0.1.0, =0.1.0, =0.1.21 and more Source cves: CVE-2025-69662 Source advisory: OSV:GHSA-6497-PRX7-GPMQ...

GHSA-6497-PRX7-GPMQ geopandas SQL Injection Vulnerability in to_postgis() Allows Information Disclosure

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

geopandas SQL Injection Vulnerability in to_postgis() Allows Information Disclosure

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

acs-nativity (>=0.1.0 <=0.1.4), aiearth-predict (>=0.0.1 <=0.0.2) +276 more potentially affected by CVE-2025-69662 via geopandas (>=0.2.1 <=1.1.1)

geopandas PYPI version =0.2.1, =0.1.0, =0.0.1, =0.1.0, =0.8.3.dev267297206, =0.1.1, =0.2.0, =0.0.3, =1.1.8, =0.0.24, =0.0.10, =0.11.0, =0.1.0, =0.1.0, =0.1.21 and more Source cves: CVE-2025-69662 Source advisory: OSV:PYSEC-2026-62...

PYSEC-2026-62

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

PYSEC-2026-62

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...