Gegl Gegl

Do you want an email whenever new security vulnerabilities are reported in Gegl?

By the Year

In 2022 there have been 0 vulnerabilities in Gegl . Last year Gegl had 1 security vulnerability published. Right now, Gegl is on track to have less security vulnerabilities in 2022 than it did last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 1 7.80
2020 0 0.00
2019 0 0.00
2018 3 8.37

It may take a day or so for new Gegl vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Gegl Security Vulnerabilities

load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered

CVE-2021-45463 7.8 - High - December 23, 2021

load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.34 are used in GIMP releases before 2.10.30; however, this does not imply that GIMP builds enable the vulnerable feature.

An issue was discovered in GEGL through 0.3.32

CVE-2018-10111 7.5 - High - April 16, 2018

An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.

Buffer Overflow

An issue was discovered in GEGL through 0.3.32

CVE-2018-10112 8.8 - High - April 16, 2018

An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.

Buffer Overflow

An issue was discovered in GEGL through 0.3.32

CVE-2018-10114 8.8 - High - April 16, 2018

An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions on memory allocation in the ppm_load_read_header function in operations/external/ppm-load.c.

Buffer Overflow

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Gegl or by Gegl? Click the Watch button to subscribe.

Gegl
Vendor

Gegl
Product

subscribe