Fluid Attacks Database

Description

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/contrib/infback9 modules). This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	gdal	=3.10.3+dfsg-1 \|\| =3.10.3+dfsg-2 \|\| =3.11.0+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp2 \|\| =3.11.0~rc1+dfsg-1~exp1 \|\| =3.11.0~rc1+dfsg-1~exp2 \|\| =3.11.0~rc2+dfsg-1~exp1 \|\| =3.11.1+dfsg-1~exp1 \|\| =3.11.1~rc1+dfsg-1~exp1 \|\| =3.11.1~rc2+dfsg-1~exp1 \|\| =3.11.2+dfsg-1~exp1 \|\| =3.11.2~rc1+dfsg-1~exp1 \|\| =3.11.2~rc2+dfsg-1~exp1 \|\| =3.11.3+dfsg-1 \|\| =3.11.3+dfsg-1~exp1 \|\| =3.11.3+dfsg-1~exp2 \|\| =3.11.4+dfsg-1 \|\| =3.11.4~rc1+dfsg-1~exp1 \|\| =3.12.0+dfsg-1 \|\| =3.12.0+dfsg-1~exp1 \|\| =3.12.0~beta1+dfsg-1~exp1 \|\| =3.12.0~rc1+dfsg-1~exp1 \|\| =3.12.1+dfsg-1 \|\| =3.12.1~rc1+dfsg-1~exp1 \|\| =3.12.2+dfsg-1 \|\| =3.12.2~rc1+dfsg-1~exp1 \|\| =3.12.3+dfsg-1 \|\| =3.12.3~rc1+dfsg-1~exp1 \|\| =3.12.3~rc2+dfsg-1~exp1 \|\| =3.13.0~beta1+dfsg-1~exp1 \|\| =3.13.0~beta2+dfsg-1~exp1	-
debian 11	gdal	=3.10.0+dfsg-1 \|\| =3.10.0+dfsg-1~exp1 \|\| =3.10.0~beta1+dfsg-1~exp1 \|\| =3.10.0~rc1+dfsg-1~exp1 \|\| =3.10.0~rc2+dfsg-1~exp1 \|\| =3.10.0~rc3+dfsg-1~exp1 \|\| =3.10.1+dfsg-1 \|\| =3.10.1~rc1+dfsg-1~exp1 \|\| =3.10.1~rc2+dfsg-1~exp1 \|\| =3.10.2+dfsg-1 \|\| =3.10.2~rc1+dfsg-1~exp1 \|\| =3.10.3+dfsg-1 \|\| =3.10.3+dfsg-2 \|\| =3.10.3~rc1+dfsg-1~exp1 \|\| =3.11.0+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp2 \|\| =3.11.0~rc1+dfsg-1~exp1 \|\| =3.11.0~rc1+dfsg-1~exp2 \|\| =3.11.0~rc2+dfsg-1~exp1 \|\| =3.11.1+dfsg-1~exp1 \|\| =3.11.1~rc1+dfsg-1~exp1 \|\| =3.11.1~rc2+dfsg-1~exp1 \|\| =3.11.2+dfsg-1~exp1 \|\| =3.11.2~rc1+dfsg-1~exp1 \|\| =3.11.2~rc2+dfsg-1~exp1 \|\| =3.11.3+dfsg-1 \|\| =3.11.3+dfsg-1~exp1 \|\| =3.11.3+dfsg-1~exp2 \|\| =3.11.4+dfsg-1 \|\| =3.11.4~rc1+dfsg-1~exp1 \|\| =3.12.0+dfsg-1 \|\| =3.12.0+dfsg-1~exp1 \|\| =3.12.0~beta1+dfsg-1~exp1 \|\| =3.12.0~rc1+dfsg-1~exp1 \|\| =3.12.1+dfsg-1 \|\| =3.12.1~rc1+dfsg-1~exp1 \|\| =3.12.2+dfsg-1 \|\| =3.12.2~rc1+dfsg-1~exp1 \|\| =3.12.3+dfsg-1 \|\| =3.12.3~rc1+dfsg-1~exp1 \|\| =3.12.3~rc2+dfsg-1~exp1 \|\| =3.13.0~beta1+dfsg-1~exp1 \|\| =3.13.0~beta2+dfsg-1~exp1 \|\| =3.2.2+dfsg-2 \|\| =3.2.2+dfsg-2+deb11u1 \|\| =3.2.2+dfsg-2+deb11u2 \|\| =3.2.2+dfsg-3 \|\| =3.3.0+dfsg-1~exp1 \|\| =3.3.0+dfsg-1~exp2 \|\| =3.3.0~beta1+dfsg-1~exp1 \|\| =3.3.0~rc1+dfsg-1~exp1 \|\| =3.3.1+dfsg-1~exp1 \|\| =3.3.1~rc1+dfsg-1~exp1 \|\| =3.3.2+dfsg-1 \|\| =3.3.2+dfsg-2 \|\| =3.3.2~rc3+dfsg-1~exp1 \|\| =3.3.3+dfsg-1 \|\| =3.3.3+dfsg-2 \|\| =3.3.3~rc1+dfsg-1~exp1 \|\| =3.4.0+dfsg-1 \|\| =3.4.0+dfsg-1~exp1 \|\| =3.4.0~rc1+dfsg-1~exp1 \|\| =3.4.0~rc2+dfsg-1~exp1 \|\| =3.4.0~rc3+dfsg-1~exp1 \|\| =3.4.1+dfsg-1 \|\| =3.4.1~rc1+dfsg-1~exp1 \|\| =3.4.2+dfsg-1 \|\| =3.4.2~rc1+dfsg-1~exp1 \|\| =3.4.2~rc2+dfsg-1~exp1 \|\| =3.4.3+dfsg-1 \|\| =3.4.3~rc1+dfsg-1~exp1 \|\| =3.5.0+dfsg-1 \|\| =3.5.0+dfsg-1~exp1 \|\| =3.5.0~rc1+dfsg-1~exp1 \|\| =3.5.0~rc1+dfsg-1~exp2 \|\| =3.5.0~rc1+dfsg-1~exp3 \|\| =3.5.0~rc2+dfsg-1~exp1 \|\| =3.5.0~rc3+dfsg-1~exp1 \|\| =3.5.0~rc4+dfsg-1~exp1 \|\| =3.5.1+dfsg-1 \|\| =3.5.1~rc1+dfsg-1~exp1 \|\| =3.5.1~rc2+dfsg-1~exp1 \|\| =3.5.2+dfsg-1 \|\| =3.5.2~rc1+dfsg-1~exp1 \|\| =3.5.3+dfsg-1 \|\| =3.5.3~rc1+dfsg-1~exp1 \|\| =3.5.3~rc2+dfsg-1~exp1 \|\| =3.6.0+dfsg-1 \|\| =3.6.0+dfsg-1~exp1 \|\| =3.6.0+dfsg-2 \|\| =3.6.0~rc1+dfsg-1~exp1 \|\| =3.6.0~rc2+dfsg-1~exp1 \|\| =3.6.1+dfsg-1 \|\| =3.6.1~rc1+dfsg-1~exp1 \|\| =3.6.2+dfsg-1 \|\| =3.6.2~rc1+dfsg-1~exp1 \|\| =3.6.3+dfsg-1~exp1 \|\| =3.6.3~rc1+dfsg-1~exp1 \|\| =3.6.4+dfsg-1 \|\| =3.6.4+dfsg-1~exp1 \|\| =3.6.4~rc1+dfsg-1~exp1 \|\| =3.7.0+dfsg-1 \|\| =3.7.0+dfsg-1~exp1 \|\| =3.7.0~rc1+dfsg-1~exp1 \|\| =3.7.1+dfsg-1 \|\| =3.7.1~rc1+dfsg-1~exp1 \|\| =3.7.2+dfsg-1 \|\| =3.7.2~rc1+dfsg-1~exp1 \|\| =3.7.3+dfsg-1 \|\| =3.7.3~rc1+dfsg-1~exp1 \|\| =3.8.0+dfsg-1 \|\| =3.8.0+dfsg-1~exp1 \|\| =3.8.0~beta1+dfsg-1~exp1 \|\| =3.8.0~rc1+dfsg-1~exp1 \|\| =3.8.0~rc1+dfsg-1~exp2 \|\| =3.8.0~rc2+dfsg-1~exp1 \|\| =3.8.1+dfsg-1 \|\| =3.8.1~rc1+dfsg-1~exp1 \|\| =3.8.1~rc2+dfsg-1~exp1 \|\| =3.8.1~rc3+dfsg-1~exp1 \|\| =3.8.2+dfsg-1 \|\| =3.8.2~rc1+dfsg-1~exp1 \|\| =3.8.3+dfsg-1 \|\| =3.8.3+dfsg-1.1~exp1 \|\| =3.8.3+dfsg-2~exp1 \|\| =3.8.3~rc1+dfsg-1~exp1 \|\| =3.8.3~rc2+dfsg-1~exp1 \|\| =3.8.3~rc3+dfsg-1~exp1 \|\| =3.8.4+dfsg-1 \|\| =3.8.4+dfsg-2 \|\| =3.8.4+dfsg-2~exp1 \|\| =3.8.4+dfsg-3 \|\| =3.8.4~rc1+dfsg-1~exp1 \|\| =3.8.5+dfsg-1 \|\| =3.8.5~rc1+dfsg-1~exp1 \|\| =3.9.0+dfsg-1 \|\| =3.9.0+dfsg-1~exp1 \|\| =3.9.0~beta1+dfsg-1~exp1 \|\| =3.9.0~beta2+dfsg-1~exp1 \|\| =3.9.0~rc1+dfsg-1~exp1 \|\| =3.9.0~rc2+dfsg-1~exp1 \|\| =3.9.1+dfsg-1 \|\| =3.9.1~rc1+dfsg-1~exp1 \|\| =3.9.1~rc2+dfsg-1~exp1 \|\| =3.9.2+dfsg-1 \|\| =3.9.2~rc1+dfsg-1~exp1 \|\| =3.9.2~rc2+dfsg-1~exp1 \|\| =3.9.3+dfsg-1 \|\| =3.9.3~rc1+dfsg-1~exp1	-
debian 12	gdal	=3.10.0+dfsg-1 \|\| =3.10.0+dfsg-1~exp1 \|\| =3.10.0~beta1+dfsg-1~exp1 \|\| =3.10.0~rc1+dfsg-1~exp1 \|\| =3.10.0~rc2+dfsg-1~exp1 \|\| =3.10.0~rc3+dfsg-1~exp1 \|\| =3.10.1+dfsg-1 \|\| =3.10.1~rc1+dfsg-1~exp1 \|\| =3.10.1~rc2+dfsg-1~exp1 \|\| =3.10.2+dfsg-1 \|\| =3.10.2~rc1+dfsg-1~exp1 \|\| =3.10.3+dfsg-1 \|\| =3.10.3+dfsg-2 \|\| =3.10.3~rc1+dfsg-1~exp1 \|\| =3.11.0+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp2 \|\| =3.11.0~rc1+dfsg-1~exp1 \|\| =3.11.0~rc1+dfsg-1~exp2 \|\| =3.11.0~rc2+dfsg-1~exp1 \|\| =3.11.1+dfsg-1~exp1 \|\| =3.11.1~rc1+dfsg-1~exp1 \|\| =3.11.1~rc2+dfsg-1~exp1 \|\| =3.11.2+dfsg-1~exp1 \|\| =3.11.2~rc1+dfsg-1~exp1 \|\| =3.11.2~rc2+dfsg-1~exp1 \|\| =3.11.3+dfsg-1 \|\| =3.11.3+dfsg-1~exp1 \|\| =3.11.3+dfsg-1~exp2 \|\| =3.11.4+dfsg-1 \|\| =3.11.4~rc1+dfsg-1~exp1 \|\| =3.12.0+dfsg-1 \|\| =3.12.0+dfsg-1~exp1 \|\| =3.12.0~beta1+dfsg-1~exp1 \|\| =3.12.0~rc1+dfsg-1~exp1 \|\| =3.12.1+dfsg-1 \|\| =3.12.1~rc1+dfsg-1~exp1 \|\| =3.12.2+dfsg-1 \|\| =3.12.2~rc1+dfsg-1~exp1 \|\| =3.12.3+dfsg-1 \|\| =3.12.3~rc1+dfsg-1~exp1 \|\| =3.12.3~rc2+dfsg-1~exp1 \|\| =3.13.0~beta1+dfsg-1~exp1 \|\| =3.13.0~beta2+dfsg-1~exp1 \|\| =3.6.2+dfsg-1 \|\| =3.6.3+dfsg-1~exp1 \|\| =3.6.3~rc1+dfsg-1~exp1 \|\| =3.6.4+dfsg-1 \|\| =3.6.4+dfsg-1~exp1 \|\| =3.6.4~rc1+dfsg-1~exp1 \|\| =3.7.0+dfsg-1 \|\| =3.7.0+dfsg-1~exp1 \|\| =3.7.0~rc1+dfsg-1~exp1 \|\| =3.7.1+dfsg-1 \|\| =3.7.1~rc1+dfsg-1~exp1 \|\| =3.7.2+dfsg-1 \|\| =3.7.2~rc1+dfsg-1~exp1 \|\| =3.7.3+dfsg-1 \|\| =3.7.3~rc1+dfsg-1~exp1 \|\| =3.8.0+dfsg-1 \|\| =3.8.0+dfsg-1~exp1 \|\| =3.8.0~beta1+dfsg-1~exp1 \|\| =3.8.0~rc1+dfsg-1~exp1 \|\| =3.8.0~rc1+dfsg-1~exp2 \|\| =3.8.0~rc2+dfsg-1~exp1 \|\| =3.8.1+dfsg-1 \|\| =3.8.1~rc1+dfsg-1~exp1 \|\| =3.8.1~rc2+dfsg-1~exp1 \|\| =3.8.1~rc3+dfsg-1~exp1 \|\| =3.8.2+dfsg-1 \|\| =3.8.2~rc1+dfsg-1~exp1 \|\| =3.8.3+dfsg-1 \|\| =3.8.3+dfsg-1.1~exp1 \|\| =3.8.3+dfsg-2~exp1 \|\| =3.8.3~rc1+dfsg-1~exp1 \|\| =3.8.3~rc2+dfsg-1~exp1 \|\| =3.8.3~rc3+dfsg-1~exp1 \|\| =3.8.4+dfsg-1 \|\| =3.8.4+dfsg-2 \|\| =3.8.4+dfsg-2~exp1 \|\| =3.8.4+dfsg-3 \|\| =3.8.4~rc1+dfsg-1~exp1 \|\| =3.8.5+dfsg-1 \|\| =3.8.5~rc1+dfsg-1~exp1 \|\| =3.9.0+dfsg-1 \|\| =3.9.0+dfsg-1~exp1 \|\| =3.9.0~beta1+dfsg-1~exp1 \|\| =3.9.0~beta2+dfsg-1~exp1 \|\| =3.9.0~rc1+dfsg-1~exp1 \|\| =3.9.0~rc2+dfsg-1~exp1 \|\| =3.9.1+dfsg-1 \|\| =3.9.1~rc1+dfsg-1~exp1 \|\| =3.9.1~rc2+dfsg-1~exp1 \|\| =3.9.2+dfsg-1 \|\| =3.9.2~rc1+dfsg-1~exp1 \|\| =3.9.2~rc2+dfsg-1~exp1 \|\| =3.9.3+dfsg-1 \|\| =3.9.3~rc1+dfsg-1~exp1	-
debian 14	gdal	=3.10.3+dfsg-1 \|\| =3.10.3+dfsg-2 \|\| =3.11.0+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp1 \|\| =3.11.0~beta1+dfsg-1~exp2 \|\| =3.11.0~rc1+dfsg-1~exp1 \|\| =3.11.0~rc1+dfsg-1~exp2 \|\| =3.11.0~rc2+dfsg-1~exp1 \|\| =3.11.1+dfsg-1~exp1 \|\| =3.11.1~rc1+dfsg-1~exp1 \|\| =3.11.1~rc2+dfsg-1~exp1 \|\| =3.11.2+dfsg-1~exp1 \|\| =3.11.2~rc1+dfsg-1~exp1 \|\| =3.11.2~rc2+dfsg-1~exp1 \|\| =3.11.3+dfsg-1~exp1 \|\| =3.11.3+dfsg-1~exp2 \|\| >=0 <3.11.3+dfsg-1	3.11.3+dfsg-1

Aliases

1. CVE-2026-47382. NVD-2026-47383. OSV-DEBIAN-2026-47384. OSV-2026-47385. SECURITY-TRACKER-CVE-2026-4738

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.