VDB
GCVE-110-MAGEIA-2015-97
GCVE-110-MAGEIA-2015-97
Advisory Published
Updated mapserver packages fix security vulnerability:
SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in
mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used,
allows remote attackers to execute arbitrary SQL commands via a crafted
string in a PostGIS TIME filter (CVE-2013-7262).
The mapserver package has been updated to version 6.2.2, which fixes this
issue and several other bugs, including some packaging issues which
prevented it from working anyway.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | sdcc | 0 (affected), 0 (affected), 3.4.0-8.mga5.nonfree (unaffected), 3.4.0-8.mga5 (unaffected) | — |
| Mageia | mapserver | 0 (affected), 6.2.2-1.2.mga4 (unaffected), 0 (affected), 6.2.2-1.2.mga4 (unaffected) | — |
Aliases
References
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.