{"id":"CVE-2019-17545","details":"GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.","aliases":["PYSEC-2019-241"],"modified":"2026-04-16T04:34:29.286734945Z","published":"2019-10-14T02:15:11.030Z","related":["openSUSE-SU-2019:2466-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CB7RRPCQP253XA5MYUOLHLRPKNGKVZNT/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVRC3EBQBFBVQC26XJE3AI3KQXC2NGTP/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00005.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/01/msg00004.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00040.html"},{"type":"ADVISORY","url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178"},{"type":"FIX","url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00022.html"},{"type":"FIX","url":"https://github.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/osgeo/gdal","events":[{"introduced":"0"},{"last_affected":"df36f287cc9df9e2be176c41971f110cc2f18cd7"},{"fixed":"148115fcc40f1651a5d15fa34c9a8c528e7147bb"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.0.1"}]}}],"versions":["v2.3.0beta1","v2.4.0","v3.0.0","v3.0.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17545.json","vanir_signatures_modified":"2026-04-11T12:42:31Z","vanir_signatures":[{"source":"https://github.com/osgeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb","deprecated":false,"target":{"function":"OGRExpatRealloc","file":"gdal/ogr/ogr_expat.cpp"},"signature_version":"v1","digest":{"function_hash":"110395127982434165459425119816292298899","length":159},"signature_type":"Function","id":"CVE-2019-17545-953d6849"},{"signature_type":"Line","deprecated":false,"target":{"file":"gdal/ogr/ogr_expat.cpp"},"digest":{"threshold":0.9,"line_hashes":["308229990210759106968400908252313392300","152172563583615806696898864395479245553","259181652519837524019465353356666549752","91935301074849414130272711771149295592"]},"signature_version":"v1","source":"https://github.com/osgeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb","id":"CVE-2019-17545-bbef44bd"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"12.2.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"19c"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0-sp1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}