Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie

Type deb

Namespace debian

Name gdal

Version 3.13.0+dfsg-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-9j4r-vpwj-bqds

vulnerability_id VCID-9j4r-vpwj-bqds

summary GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00022.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00022.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17545

reference_id

reference_type

scores

value	0.02245
scoring_system	epss
scoring_elements	0.84875
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17545

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178

reference_url

https://github.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://github.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb

reference_url

https://lists.debian.org/debian-lts-announce/2019/11/msg00005.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://lists.debian.org/debian-lts-announce/2019/11/msg00005.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/01/msg00004.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://lists.debian.org/debian-lts-announce/2022/01/msg00004.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/09/msg00040.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://lists.debian.org/debian-lts-announce/2022/09/msg00040.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CB7RRPCQP253XA5MYUOLHLRPKNGKVZNT/

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CB7RRPCQP253XA5MYUOLHLRPKNGKVZNT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVRC3EBQBFBVQC26XJE3AI3KQXC2NGTP/

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVRC3EBQBFBVQC26XJE3AI3KQXC2NGTP/

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://www.oracle.com//security-alerts/cpujul2021.html

fixed_packages

url	pkg:deb/debian/gdal@2.4.2%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/gdal@2.4.2%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@2.4.2%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.2.2%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.6.2%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.10.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.13.0%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-17545, PYSEC-2019-241

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9j4r-vpwj-bqds

url VCID-g65z-w3mz-7qh4

vulnerability_id VCID-g65z-w3mz-7qh4

summary tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17546.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17546

reference_id

reference_type

scores

value	0.00373
scoring_system	epss
scoring_elements	0.59332
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17546

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1765705
reference_id	1765705
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1765705

reference_url	https://security.gentoo.org/glsa/202003-25
reference_id	GLSA-202003-25
reference_type
scores
url	https://security.gentoo.org/glsa/202003-25

reference_url	https://access.redhat.com/errata/RHSA-2020:3902
reference_id	RHSA-2020:3902
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3902

reference_url	https://access.redhat.com/errata/RHSA-2020:4634
reference_id	RHSA-2020:4634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4634

fixed_packages

url	pkg:deb/debian/gdal@3.1.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.1.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.1.0%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.2.2%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.6.2%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.10.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.13.0%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-17546

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g65z-w3mz-7qh4

url VCID-jan8-s74u-2fbm

vulnerability_id VCID-jan8-s74u-2fbm

summary GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-3581

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.17436
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-3581

fixed_packages

url	pkg:deb/debian/gdal@0?distro=trixie
purl	pkg:deb/debian/gdal@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@0%3Fdistro=trixie

url pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.2.2%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.6.2%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.10.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.13.0%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2005-3581

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jan8-s74u-2fbm

url VCID-pkad-wgj9-wkhx

vulnerability_id VCID-pkad-wgj9-wkhx

summary Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/contrib/infback9 modules). This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0.

references

fixed_packages

url	pkg:deb/debian/gdal@3.11.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.11.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.11.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.13.0%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2026-4738

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pkad-wgj9-wkhx

url VCID-uy45-3vu3-87fu

vulnerability_id VCID-uy45-3vu3-87fu

summary GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-45943

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.53634
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-45943

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41993

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41993

reference_url

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2021-1651.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2021-1651.yaml

reference_url

https://github.com/OSGeo/gdal/commit/1ca6a3e5168c200763fa46d8aa7e698d0b757e7e

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://github.com/OSGeo/gdal/commit/1ca6a3e5168c200763fa46d8aa7e698d0b757e7e

reference_url

https://github.com/OSGeo/gdal/pull/4944

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://github.com/OSGeo/gdal/pull/4944

reference_url

https://lists.debian.org/debian-lts-announce/2022/01/msg00004.html

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://lists.debian.org/debian-lts-announce/2022/01/msg00004.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/09/msg00040.html

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://lists.debian.org/debian-lts-announce/2022/09/msg00040.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBPJGXY7IYY65NVJBLP3RONXE7ZBVCNU/

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBPJGXY7IYY65NVJBLP3RONXE7ZBVCNU/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P23E4DEHY5FJCR5VJ46I6TO32DT7Y3T4/

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P23E4DEHY5FJCR5VJ46I6TO32DT7Y3T4/

reference_url

https://security.gentoo.org/glsa/202210-15

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://security.gentoo.org/glsa/202210-15

reference_url

https://www.debian.org/security/2022/dsa-5239

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://www.debian.org/security/2022/dsa-5239

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-45943
reference_id	CVE-2021-45943
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-45943

fixed_packages

url pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.2.2%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/gdal@3.4.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.4.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.4.1%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.6.2%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.10.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.13.0%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2021-45943, PYSEC-2022-43065

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uy45-3vu3-87fu

url VCID-wtq8-c55n-bkb8

vulnerability_id VCID-wtq8-c55n-bkb8

summary netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-25050

reference_id

reference_type

scores

value	0.00089
scoring_system	epss
scoring_elements	0.2536
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-25050

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15143

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15143

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15156

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15156

reference_url

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2020-392.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2020-392.yaml

reference_url

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2020-420.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2020-420.yaml

reference_url

https://github.com/OSGeo/gdal/commit/27b9bf644bcf1208f7d6594bdd104cc8a8bb0646

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://github.com/OSGeo/gdal/commit/27b9bf644bcf1208f7d6594bdd104cc8a8bb0646

reference_url

https://github.com/OSGeo/gdal/commit/767e3a56144f676ca738ef8f700e0e56035bd05a

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://github.com/OSGeo/gdal/commit/767e3a56144f676ca738ef8f700e0e56035bd05a

fixed_packages

url	pkg:deb/debian/gdal@3.1.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.1.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.1.0%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.2.2%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.6.2%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.6.2%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/gdal@3.10.3%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pkad-wgj9-wkhx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.10.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/gdal@3.13.0%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.13.0%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-25050, PYSEC-2021-888

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wtq8-c55n-bkb8

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdal@3.13.0%252Bdfsg-1%3Fdistro=trixie

Package Instance