Nixpkgs security tracker
Permalink
CVE-2026-33721
5.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
MapServer has heap buffer overflow in SLD `Categorize` Threshold parsing
MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with more than 100 Threshold elements inside a ColorMap/Categorize structure (commonly reachable via WMS GetMap with SLD_BODY). Version 8.6.1 patches the issue.
References
-
https://github.com/MapServer/MapServer/security/advisories/GHSA-cv4m-mr84-fgjp x_refsource_CONFIRM
-
https://github.com/MapServer/MapServer/releases/tag/rel-8-6-1 x_refsource_MISC
Affected products
MapServer
- ==>= 4.2, < 8.6.1
Matching in nixpkgs
pkgs.mapserver
Platform for publishing spatial data and interactive mapping applications to the web
Package maintainers
-
@autra Augustin Trancart <augustin.trancart@gmail.com>
-
@nh2 Niklas Hambüchen <mail@nh2.me>
-
@nialov Nikolas Ovaskainen <nikolasovaskainen@gmail.com>
-
@willcohen Will Cohen
-
@sikmir Nikolay Korotkiy <sikmir@disroot.org>
-
@imincik Ivan Mincik <ivan.mincik@gmail.com>
-
@l0b0 Victor Engmark <victor@engmark.name>