vulnerability
Ubuntu: (CVE-2019-17545): gdal vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Oct 14, 2019 | Nov 19, 2024 | Apr 16, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Oct 14, 2019
Added
Nov 19, 2024
Modified
Apr 16, 2026
Description
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
Solution
ubuntu-pro-upgrade-gdal
References
- CVE-2019-17545
- https://attackerkb.com/topics/CVE-2019-17545
- CWE-415
- EUVD-EUVD-2019-0057
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-0057
- https://github.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb
- https://www.cve.org/CVERecord?id=CVE-2019-17545
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.