VulnerableCode Package Details - pkg:deb/debian/gdal@1.10.1%2Bdfsg-8

Search for packages

Vulnerability	Summary	Fixed by
VCID-6v8p-cjhb-c7er Aliases: CVE-2019-25050 PYSEC-2021-888	netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset).	3.2.2+dfsg-2+deb11u2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-a6w1-7txk-euay Aliases: CVE-2019-17545 PYSEC-2019-241	GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.	3.2.2+dfsg-2+deb11u2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-gzm4-ajmq-sqgj Aliases: BIT-gdal-2021-45943 CVE-2021-45943 PYSEC-2022-43065	GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).	3.2.2+dfsg-2+deb11u2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-nnvs-e9na-p7fu Aliases: CVE-2019-17546	Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in a Denial of Service condition.	3.2.2+dfsg-2+deb11u2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-6v8p-cjhb-c7er
Aliases:
CVE-2019-25050
PYSEC-2021-888

netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset).

3.2.2+dfsg-2+deb11u2
Affected by 1 other vulnerability.

VCID-a6w1-7txk-euay
Aliases:
CVE-2019-17545
PYSEC-2019-241

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

3.2.2+dfsg-2+deb11u2
Affected by 1 other vulnerability.

VCID-gzm4-ajmq-sqgj
Aliases:
BIT-gdal-2021-45943
CVE-2021-45943
PYSEC-2022-43065

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).

3.2.2+dfsg-2+deb11u2
Affected by 1 other vulnerability.

VCID-nnvs-e9na-p7fu
Aliases:
CVE-2019-17546

Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in a Denial of Service condition.

3.2.2+dfsg-2+deb11u2
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:41:14.941975+00:00	Debian Oval Importer	Affected by	VCID-nnvs-e9na-p7fu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:38:50.880754+00:00	Debian Oval Importer	Affected by	VCID-a6w1-7txk-euay	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:26:25.521482+00:00	Debian Oval Importer	Affected by	VCID-6v8p-cjhb-c7er	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:45:10.689938+00:00	Debian Oval Importer	Affected by	VCID-gzm4-ajmq-sqgj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T22:17:54.510689+00:00	Debian Oval Importer	Affected by	VCID-nnvs-e9na-p7fu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:23:22.836608+00:00	Debian Oval Importer	Affected by	VCID-a6w1-7txk-euay	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:12:46.798134+00:00	Debian Oval Importer	Affected by	VCID-6v8p-cjhb-c7er	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:31:59.199454+00:00	Debian Oval Importer	Affected by	VCID-gzm4-ajmq-sqgj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:54:05.587461+00:00	Debian Oval Importer	Affected by	VCID-nnvs-e9na-p7fu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:09:20.253563+00:00	Debian Oval Importer	Affected by	VCID-a6w1-7txk-euay	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:01:42.168125+00:00	Debian Oval Importer	Affected by	VCID-6v8p-cjhb-c7er	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:23:06.480932+00:00	Debian Oval Importer	Affected by	VCID-gzm4-ajmq-sqgj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0