A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.
References
Link | Resource |
---|---|
https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f | Patch Third Party Advisory |
https://github.com/OSGeo/shapelib/issues/39 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fedora
Published: 2022-10-17T00:00:00
Updated: 2022-10-17T00:00:00
Reserved: 2022-02-21T00:00:00
Link: CVE-2022-0699
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-17T16:15:20.567
Modified: 2022-12-21T15:01:19.963
Link: CVE-2022-0699
JSON object: View
Redhat Information
No data.