Vulnerabilities > Osgeo > Mapserver > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-29 CVE-2010-1678 Improper Input Validation vulnerability in Osgeo Mapserver
Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile parsing.
network
low complexity
osgeo CWE-20
7.5
7.5
2016-12-08 CVE-2016-9839 Information Exposure vulnerability in Osgeo Mapserver
In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.
network
low complexity
osgeo CWE-200
7.5
7.5