| Package | gegl |
|---|---|
| Version | 0.4.12-2+deb10u1 (buster) |
| Related CVEs | CVE-2021-45463 CVE-2025-10921 |
Multiple vulnerabilities were discovered in GEGL, a graph-based image processing library, which could result in denial of service or the execution of arbitrary code if malformed files or filenames are processed.
- CVE-2021-45463
  load_cache allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system() library function for execution of the ImageMagick convert fallback in magick-load.
- CVE-2025-10921
  GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
For Debian 10 buster, these problems have been fixed in version 0.4.12-2+deb10u1.
We recommend that you upgrade your gegl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.