Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2
purl pkg:deb/debian/gdal@3.2.2%2Bdfsg-2%2Bdeb11u2
Next non-vulnerable version 3.12.3+dfsg-1
Latest non-vulnerable version 3.12.3+dfsg-1
Risk 4.2
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-yghg-jnaz-xyaq
Aliases:
CVE-2026-4738
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/contrib/infback9 modules). This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0.
3.12.3+dfsg-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-6v8p-cjhb-c7er netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset). CVE-2019-25050
PYSEC-2021-888
VCID-a6w1-7txk-euay GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. CVE-2019-17545
PYSEC-2019-241
VCID-gzm4-ajmq-sqgj GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). BIT-gdal-2021-45943
CVE-2021-45943
PYSEC-2022-43065
VCID-nnvs-e9na-p7fu Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in a Denial of Service condition. CVE-2019-17546

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:12:22.507447+00:00 Debian Importer Affected by VCID-yghg-jnaz-xyaq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-15T22:41:14.953029+00:00 Debian Oval Importer Fixing VCID-nnvs-e9na-p7fu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:38:50.892506+00:00 Debian Oval Importer Fixing VCID-a6w1-7txk-euay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:26:25.531203+00:00 Debian Oval Importer Fixing VCID-6v8p-cjhb-c7er https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:45:10.707912+00:00 Debian Oval Importer Fixing VCID-gzm4-ajmq-sqgj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-13T08:20:57.242256+00:00 Debian Importer Affected by VCID-yghg-jnaz-xyaq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T22:17:54.522782+00:00 Debian Oval Importer Fixing VCID-nnvs-e9na-p7fu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:23:22.848465+00:00 Debian Oval Importer Fixing VCID-a6w1-7txk-euay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:12:46.809793+00:00 Debian Oval Importer Fixing VCID-6v8p-cjhb-c7er https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:31:59.211601+00:00 Debian Oval Importer Fixing VCID-gzm4-ajmq-sqgj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T21:54:05.601781+00:00 Debian Oval Importer Fixing VCID-nnvs-e9na-p7fu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:09:20.267554+00:00 Debian Oval Importer Fixing VCID-a6w1-7txk-euay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:01:42.181157+00:00 Debian Oval Importer Fixing VCID-6v8p-cjhb-c7er https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:23:06.498624+00:00 Debian Oval Importer Fixing VCID-gzm4-ajmq-sqgj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0