VYPR

rpm package

suse/gegl&distro=SUSE Linux Enterprise Workstation Extension 12 SP5

pkg:rpm/suse/gegl&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5

Vulnerabilities (2)

  • CVE-2021-45463Dec 23, 2021
    affected < 0.2.0-15.6.1fixed 0.2.0-15.6.1

    load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.

  • CVE-2018-10113HigApr 16, 2018
    affected < 0.2.0-15.3.99fixed 0.2.0-15.3.99

    An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.