MEDIUM 5.5

PYSEC-2025-117

상세

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / gdal

최초 영향 버전: 0

No fixed version published yet for gdal (pip). Pin to a known-safe version or switch to an alternative.

참고

https://github.com/OSGeo/gdal/issues/12188#issuecomment-2847873794 [REPORT]
https://github.com/lmarch2/poc/blob/main/gdal/gdal.md [EVIDENCE]