VYPR

Gegl

by Gegl

CVEs (6)

  • CVE-2018-10114HigApr 16, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PPM file, related…

  • CVE-2018-10112HigApr 16, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file…

  • CVE-2018-10113HigApr 16, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.

  • CVE-2018-10111HigApr 16, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.

  • CVE-2012-4433Nov 18, 2012
    risk 0.01cvss epss 0.13

    Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map…

  • CVE-2021-45463Dec 23, 2021
    risk 0.00cvss epss 0.01

    load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before…