search

Toblerity / Fiona

Fiona reads and writes geographic data files
https://fiona.readthedocs.io/
BSD 3-Clause "New" or "Revised" License
1.15k stars 202 forks source link

Security Address #1298

Closed SCH227 closed 1 year ago

SCH227 commented 1 year ago

Hello!

I may have found a security issue in latest version of Fiona. Following responsible disclosure, is there an email or other private channel where I could share the details? Thank you

sgillies commented 1 year ago

@SCH227 thank you for being careful! Please email me at sean.gillies@gmail.com.

sgillies commented 1 year ago

Fiona isn't vulnerable, but rasterio is to a small degree. See https://github.com/rasterio/rasterio/discussions/2924.