147 matches found
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
BIT-GDAL-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
SUSE CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
PYSEC-2026-193
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
DEBIAN-CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
UBUNTU-CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
CVE-2026-49014
CVE-2026-49014 affects GDAL versions 3.1.0–3.13.0 via the netCDF driver. The vulnerability resides in scanForGeometryContainers (frmts/netcdf/netcdfsg.cpp), where a geometry attribute is read into a fixed-size stack buffer without validating its length, allowing a stack-based buffer overflow that...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
EUVD-2026-32039
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
PT-2026-43475
Name of the Vulnerable Software and Affected Versions GDAL versions 3.1.0 through 3.13.0 Description The netCDF driver contains a stack-based buffer overflow in the scanForGeometryContainers function located in frmts/netcdf/netcdfsg.cpp. The issue occurs because the function reads a geometry...
GDAL 安全漏洞
GDAL is an open-source geospatial data abstraction library developed by the GDAL community. Versions 3.1.0 to 3.13.0 of GDAL contain security vulnerabilities. These vulnerabilities stem from the scanForGeometryContainers function in the netCDF driver, which reads geometric properties into a...
Astra Linux – Vulnerability in netcdf
The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write attacks when opening an XML file after exhausting the memory pool...
Astra Linux – Vulnerability in netcdf
A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlparsestr performs incorrect memory handling during the parsing of crafted XML files out-of-bounds read after a certain strcspn failure...
Astra Linux – Vulnerability in netcdf
The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write attacks when opening an XML file after exhausting the memory pool...