View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-0699 not yet assigned priority: Debian including 1 source packages (shapelib), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.