Shapelib
1 CVEs
product
Monthly
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Memory Corruption
Denial Of Service
Use After Free
Shapelib
NVD
GitHub
CVSS 3.1
9.8
EPSS
1.2%
EPSS 1%
CVSS 9.8
CRITICAL
POC
PATCH
Act Now
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Memory Corruption
Denial Of Service
Use After Free
+1
NVD
GitHub