Oracle Spatial And Graph

By the Year

In 2022 there has been 1 vulnerability in Oracle Spatial And Graph, with an average score of 5.5 out of ten. Spatial And Graph did not have any published security vulnerabilities last year. That is, 1 more vulnerability has already been reported in 2022 than in all of last year.

Year Vulnerabilities Average Score
2022 1 5.50
2021 0 0.00
2020 1 3.70
2019 1 9.80
2018 0 0.00

It may take a day or so for new Spatial And Graph vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Oracle Spatial And Graph Security Vulnerabilities

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::Read

CVE-2021-45943 5.5 - Medium - January 01, 2022

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).

Memory Corruption

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender

CVE-2020-9488 3.7 - Low - April 27, 2020

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1.

Improper Certificate Validation

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

CVE-2019-17545 9.8 - Critical - October 14, 2019

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

Double-free
