Known Vulnerabilities for Mapserver by Umn
Listed below are 10 of the newest known vulnerabilities associated with "Mapserver" by "Umn".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33721 | MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-b... | Not Provided | 2026-03-27 | 2026-03-30 |
| CVE-2017-5522 | Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows ... | 9.8 - CRITICAL | 2017-03-15 | 2021-06-07 |
| CVE-2016-9839 | In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fa... | 7.5 - HIGH | 2016-12-08 | 2023-01-31 |
| CVE-2013-7262 | SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS... | 6.8 - MEDIUM | 2014-01-05 | 2021-06-07 |
| CVE-2011-2975 | Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attack... | 6.8 - MEDIUM | 2011-08-01 | 2021-06-07 |
| CVE-2011-2704 | Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before 5.6.7 allows remote attackers to execute arbitrary code... | 7.5 - HIGH | 2011-08-01 | 2021-06-07 |
| CVE-2011-2703 | Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attack... | 7.5 - HIGH | 2011-08-01 | 2021-06-07 |
| CVE-2010-2540 | mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line a... | 10 - HIGH | 2010-08-02 | 2021-06-07 |
| CVE-2010-2539 | Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows loca... | 2.1 - LOW | 2010-08-02 | 2021-06-07 |
| CVE-2009-0840 | Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x befor... | 10 - HIGH | 2009-03-31 | 2021-06-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Umn | Mapserver | 7.0.3 | All | All | All |
| Application | Umn | Mapserver | 7.0.2 | All | All | All |
| Application | Umn | Mapserver | 7.0.1 | All | All | All |
| Application | Umn | Mapserver | 7.0.0 | b2 | All | All |
| Application | Umn | Mapserver | 7.0.0 | b1 | All | All |
| Application | Umn | Mapserver | 7.0.0 | All | All | All |
| Application | Umn | Mapserver | 6.4.4 | All | All | All |
| Application | Umn | Mapserver | 6.4.3 | All | All | All |
| Application | Umn | Mapserver | 6.4.2 | All | All | All |
| Application | Umn | Mapserver | 6.4.1 | All | All | All |
| Application | Umn | Mapserver | 6.4.0 | rc1 | All | All |
| Application | Umn | Mapserver | 6.4.0 | b2 | All | All |
| Application | Umn | Mapserver | 6.4.0 | b1 | All | All |
| Application | Umn | Mapserver | 6.4.0 | All | All | All |
| Application | Umn | Mapserver | 6.2.3 | All | All | All |
| Application | Umn | Mapserver | 6.2.2 | All | All | All |
| Application | Umn | Mapserver | 6.2.1 | All | All | All |
| Application | Umn | Mapserver | 6.2.0 | b3 | All | All |
| Application | Umn | Mapserver | 6.2.0 | All | All | All |
| Application | Umn | Mapserver | 6.2.0 | b1 | All | All |