VYPR

rpm package

suse/gegl&distro=SUSE Linux Enterprise Module for Package Hub 15 SP3

pkg:rpm/suse/gegl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3

Vulnerabilities (1)

  • CVE-2021-45463Dec 23, 2021
    affected < 0.4.16-3.3.1fixed 0.4.16-3.3.1

    load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.