VYPR

rpm package

almalinux/gegl04

pkg:rpm/almalinux/gegl04

Vulnerabilities (1)

  • CVE-2021-45463Dec 23, 2021
    affected < 0.4.4-6.el8_5.2fixed 0.4.4-6.el8_5.2

    load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.