Download
| Alert*
oval:org.secpod.oval:def:106626
gegl is installed oval:org.secpod.oval:def:704617 gegl is installed oval:org.secpod.oval:def:105815 GEGL is a graph based image processing framework. GEGLs original design was made to scratch GIMPs itches for a new compositing and processing core. This core is being designed to have minimal dependencies. and a simple well defined API. oval:org.secpod.oval:def:202489 GEGL is a graph-based image processing framework. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed .ppm image files. An attacker could create a specially-crafted .ppm file that, when opened in gegl, would cause gegl to crash or, pot ... oval:org.secpod.oval:def:500922 GEGL is a graph-based image processing framework. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed .ppm image files. An attacker could create a specially-crafted .ppm file that, when opened in gegl, would cause gegl to crash or, pot ... oval:org.secpod.oval:def:1503703 Updated gegl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:205930 GEGL is a graph-based image processing framework. Security Fix: * gegl: shell expansion via a crafted pathname For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1505376 [0.2.0-19.1] - fix CVE-2021-45463 oval:org.secpod.oval:def:1700854 Due to the use of the system command in the Magick-Load op used by gegl an attacker is able to craft a command line path that is able to lead to the execution of arbitrary shell commands that impacts availability, confidentiality and integrity oval:org.secpod.oval:def:1900067 An issue was discovered in GEGL through 0.3.32. Thegegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions on memory allocation in ... oval:org.secpod.oval:def:1900054 An issue was discovered in GEGL through 0.3.32. Thegegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to thebabl_format ... oval:org.secpod.oval:def:2000599 An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions on memory allocation ... oval:org.secpod.oval:def:2001045 An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_for ... oval:org.secpod.oval:def:1900670 An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service upon allocation failure. oval:org.secpod.oval:def:2001110 An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service upon allocation failure. oval:org.secpod.oval:def:1901011 An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service upon allocation failure. oval:org.secpod.oval:def:2000366 An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service upon allocation failure. oval:org.secpod.oval:def:2500138 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. oval:org.secpod.oval:def:1504527 exiv2 [0.27.2-5] - Fix failing test Resolves: bz#1800472 [0.27.2-4] - Drop test for the previous CVE as we test it manually and we dont have POC available Resolves: bz#1800472 [0.27.2-3] - Fix infinite loop and hang in Jp2Image::readMetadata Resolves: bz#1800472 [0.27.2-2] Rebuild Resolves: bz#16519 ... |