Lucene search
Veracode Vulnerability DatabaseVERACODE:33471HistoryDec 28, 2021 - 12:27 p.m.
Command Injection
2021-12-2812:27:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
gegl
command injection
vulnerability
software
EPSS
0.003
Percentile
68.6%
GEGL is vulnerable to command injection. The vulnerability exists due to a pathname in a constructed command line is not escaped or filtered.
References
gitlab.gnome.org/GNOME/gegl/-/blob/master/docs/NEWS.adoc
gitlab.gnome.org/GNOME/gegl/-/commit/bfce470f0f2f37968862129d5038b35429f2909b
gitlab.gnome.org/GNOME/gegl/-/issues/298
gitlab.gnome.org/GNOME/gimp/-/commit/e8a31ba4f2ce7e6bc34882dc27c97fba993f5868
lists.fedoraproject.org/archives/list/[email protected]/message/CG635WJCNXHJM5U4BGMAAP4NK2YFTQXK/
lists.fedoraproject.org/archives/list/[email protected]/message/ZP5NDNOTMPI335FXE7VUPW7FXYTT7PYN/
security-tracker.debian.org/tracker/CVE-2021-45463
www.gimp.org/news/2021/12/21/gimp-2-10-30-released/
Related
nessus
nessus
RHEL 8 : gegl04 (RHSA-2022:0178)
2022-01-19 00:00:00
SUSE SLED15 / SLES15 Security Update : gegl (SUSE-SU-2021:4210-1)
2022-01-01 00:00:00
RHEL 7 : gegl (RHSA-2022:0162)
2022-01-18 00:00:00
osv
osv
CVE-2021-45463
2021-12-23 06:15:06
Important: gegl04 security update
2022-01-19 09:43:42
gegl vulnerability
2022-07-27 10:08:37
suse
suse
Security update for gegl (important)
2021-12-31 00:00:00
Security update for gegl (important)
2021-12-31 00:00:00
alpinelinux
alpinelinux
CVE-2021-45463
2021-12-23 06:15:06
openvas
openvas
Fedora: Security Advisory for gegl04 (FEDORA-2022-a1c5b18362)
2022-01-08 00:00:00
Ubuntu: Security Advisory (USN-5251-1)
2023-01-27 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:4209-1)
2022-01-01 00:00:00
nvd
nvd
CVE-2021-45463
2021-12-23 06:15:06
redhat
redhat
(RHSA-2022:0184) Important: gegl04 security update
2022-01-19 10:49:57
(RHSA-2022:0177) Important: gegl04 security update
2022-01-19 09:43:42
(RHSA-2022:0162) Important: gegl security update
2022-01-18 13:07:51
mageia
mageia
Updated gegl packages fix security vulnerability
2022-01-03 10:36:40
ubuntu
ubuntu
GEGL vulnerability
2022-07-27 00:00:00
rocky
rocky
gegl04 security update
2022-01-19 09:43:42
prion
prion
Design/Logic Flaw
2021-12-23 06:15:00
redos
redos
ROS-20220125-07
2022-01-25 00:00:00
debiancve
debiancve
CVE-2021-45463
2021-12-23 06:15:06
fedora
fedora
[SECURITY] Fedora 35 Update: gegl04-0.4.34-1.fc35
2022-01-08 01:19:51
[SECURITY] Fedora 34 Update: gegl04-0.4.34-1.fc34
2022-01-13 01:00:10
amazon
amazon
Important: gegl
2022-03-01 17:40:00
cve
cve
CVE-2021-45463
2021-12-23 06:15:06
redhatcve
redhatcve
CVE-2021-45463
2021-12-23 21:12:01
ubuntucve
ubuntucve
CVE-2021-45463
2021-12-23 00:00:00
centos
centos
gegl security update
2022-01-18 16:02:33
oraclelinux
oraclelinux
gegl security update
2022-01-18 00:00:00
gegl04 security update
2022-01-20 00:00:00
cvelist
cvelist
CVE-2021-45463
2021-12-23 06:00:57
almalinux
almalinux
Important: gegl04 security update
2022-01-19 09:43:42