VDB
CVE-2022-0699
CVE-2022-0699
PUBLISHED
CVSS 9.800000190734863 CRITICAL
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.
EPSS 0.91% · 76.3th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.91%
76.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | shapelib | * |
| osgeo | shapelib | 0 |
Exploit Intelligence
Timeline
- Mar 2, 2022 CVE Published
- Oct 18, 2022 EPSS Score
- Dec 1, 2022 EPSS Score
- Jan 14, 2023 EPSS Score
- Feb 26, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 11, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 8, 2023 EPSS Score
- Aug 21, 2023 EPSS Score
- Oct 3, 2023 EPSS Score
- Nov 16, 2023 EPSS Score