Download
| Alert*
oval:org.secpod.oval:def:506656
GEGL is a graph-based image processing framework. Security Fix: * gegl: shell expansion via a crafted pathname For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:506655 GEGL is a graph-based image processing framework. Security Fix: * gegl: shell expansion via a crafted pathname For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:121403 GEGL is a graph based image processing framework. GEGLs original design was made to scratch GIMPs itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API. oval:org.secpod.oval:def:121397 GEGL is a graph based image processing framework. GEGLs original design was made to scratch GIMP's itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API. oval:org.secpod.oval:def:4501083 GEGL is a graph-based image processing framework. Security Fix: * gegl: shell expansion via a crafted pathname For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:2500526 GEGL is a graph-based image processing framework. oval:org.secpod.oval:def:205930 GEGL is a graph-based image processing framework. Security Fix: * gegl: shell expansion via a crafted pathname For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1505378 [0.4.4-6.2] - spec bump because of build pipeline issues [0.4.4-6.1] - Fix CVE-2021-45463 oval:org.secpod.oval:def:1505376 [0.2.0-19.1] - fix CVE-2021-45463 oval:org.secpod.oval:def:1700854 Due to the use of the system command in the Magick-Load op used by gegl an attacker is able to craft a command line path that is able to lead to the execution of arbitrary shell commands that impacts availability, confidentiality and integrity |