Gegl : Security Vulnerabilities, CVEs, (Overflow)
An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions on memory allocation in the ppm_load_read_header function in operations/external/ppm-load.c.
Max CVSS
8.8
EPSS Score
0.38%
Published
2018-04-16
Updated
2018-05-17
An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.
Max CVSS
7.5
EPSS Score
0.12%
Published
2018-04-16
Updated
2018-06-13
An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.
Max CVSS
8.8
EPSS Score
0.35%
Published
2018-04-16
Updated
2018-05-17
An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.
Max CVSS
7.5
EPSS Score
0.12%
Published
2018-04-16
Updated
2018-05-17
Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
5.91%
Published
2012-11-18
Updated
2023-02-13
5 vulnerabilities found