{"id":"CVE-2016-9839","details":"In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.","modified":"2026-05-18T10:00:07.416366Z","published":"2016-12-08T08:59:01.240Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/94856"},{"type":"ADVISORY","url":"https://github.com/mapserver/mapserver/pull/5356"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mapserver/mapserver","events":[{"introduced":"0"},{"last_affected":"4ea78eb919147924bbf66d426a0bb8000f94c768"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"7.0.2"}],"cpe":"cpe:2.3:a:osgeo:mapserver:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["rel-7-0-2","rel-7-0-1","rel-7-0-0","rel-7-0-0-beta2","rel-7-0-0-beta1","rel-6-4-0","rel-6-4-0-rc1","rel-6-4-0-beta2","rel-6-4-0-beta1","rel-4-10-0","rel-4-10-0-rc1","rel-4-10-0-beta3","rel-4-10-0-beta2","rel-4-10-0-beta1","rel-4-8-0-rc2","rel-4-8-0-beta3","rel-4-8-0-beta2","rel-4-8-0-beta1","rel-4-6-0","rel-4-6-0-rc1","rel-4-6-0-beta3","rel-4-6-0-beta2","rel-4-6-0-beta1","rel-4-4-0","rel-4-4-0-beta3","rel-4-4-0-beta2","rel-4-4-0-beta1","rel-4-0-0","styleObj","rel-3-5-0","rel-3-4"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9839.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}