A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.

...

AZL-28599 CVE-2022-0699 affecting package shapelib for versions less than 1.5.0-3

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...

AZL-37034 CVE-2022-0699 affecting package shapelib for versions less than 1.5.0-3

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...

CVE-2022-0699

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...

Shapelib 资源管理错误漏洞

Shapelib is a simple C API for reading and writing ESRI ArcView Shape files. A security vulnerability exists in Shapelib, which can be exploited via contrib/shpsort.c to force the release of Shapelib's memory to trigger a denial of service and potentially run code...