243 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux – Vulnerability in Gegl

The loadcache function in GEGL before version 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This issue arises due to the use of the system library function for executing the ImageMagick convert fallback in magick-load. NOTE: GEGL versions...

CVSS 7.8 | AI score 7.5 | EPSS 0.01439 | Exploits: 0 | References: 2

Tenable Nessus
added 2026/04/22 12:0 a.m. | 3 views

SUSE SLED15 / SLES15 Security Update : gegl (SUSE-SU-2026:1496-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1496-1 advisory. - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buff...

CVSS 7.8 | AI score 6.1 | EPSS 0.00548 | Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/21 12:0 a.m. | 4 views

SUSE SLED15 / SLES15 Security Update : gegl (SUSE-SU-2026:1481-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1481-1 advisory. This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied dat...

CVSS 7.8 | AI score 6.1 | EPSS 0.00548 | Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/21 12:0 a.m. | 5 views

SUSE SLES12 Security Update : gegl (SUSE-SU-2026:1479-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1479-1 advisory. This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lea...

CVSS 7.8 | AI score 6.1 | EPSS 0.00548 | Exploits: 0 | References: 4

SUSE Linux
added 2026/04/20 4:14 p.m. | 13 views

Security update for gegl

This update for gegl fixes the following issues: CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.4 | AI score 7.3 | EPSS 0.00548 | Exploits: 0 | References: 4

OSV
added 2026/04/20 4:14 p.m. | 5 views

SUSE-SU-2026:1496-1 Security update for gegl

This update for gegl fixes the following issues: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

CVSS 7.8 | AI score 6 | EPSS 0.00548 | Exploits: 0 | References: 3

SUSE Linux
added 2026/04/20 10:9 a.m. | 5 views

Security update for gegl

This update for gegl fixes the following issue: CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.4 | AI score 6 | EPSS 0.00548 | Exploits: 0 | References: 4

OSV
added 2026/04/20 10:9 a.m. | 2 views

SUSE-SU-2026:1481-1 Security update for gegl

This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

CVSS 7.8 | AI score 7.3 | EPSS 0.00548 | Exploits: 0 | References: 3

SUSE Linux
added 2026/04/20 10:9 a.m. | 5 views

Security update for gegl

This update for gegl fixes the following issue: CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.4 | AI score 6 | EPSS 0.00548 | Exploits: 0 | References: 4

OSV
added 2026/04/20 10:9 a.m. | 4 views

SUSE-SU-2026:1479-1 Security update for gegl

This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

CVSS 7.8 | AI score 6 | EPSS 0.00548 | Exploits: 0 | References: 3

Amazon
added 2026/03/06 12:0 a.m. | 5 views

Important: gegl

Issue Overview: The rgbereadnewrle function in gegl/libs/rgbe/rgbe.c has a heap buffer overflow vulnerability during HDR image parsing that may allow remote code execution. CVE-2026-2049 When parsing an HDR image file, the function rgbereadnewrle gegl/libs/rgbe/rgbe.c contains HEAP Based Buffer...

AI score 6.4 | EPSS 0.00548 | Exploits: 0

Tenable Nessus
added 2026/03/06 12:0 a.m. | 8 views

Amazon Linux 2 : gegl, --advisory ALAS2-2026-3183 (ALAS-2026-3183)

The version of gegl installed on the remote host is prior to 0.2.0-19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3183 advisory. The rgbereadnewrle function in gegl/libs/rgbe/rgbe.c has a heap buffer overflow vulnerability during HDR image parsing that...

CVSS 7.8 | AI score 7.6 | EPSS 0.00548 | Exploits: 0 | References: 6

OpenVAS
added 2026/02/24 12:0 a.m. | 8 views

Mageia: Security Advisory (MGASA-2026-0047)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 5.4 | EPSS 0.00548 | Exploits: 0 | References: 4

Mageia
added 2026/02/23 4:45 p.m. | 12 views

Updated gegl packages fix security vulnerabilities

ZDI-CAN-28618: New Vulnerability Report at rgbe.c. CVE-2026-2049 ZDI-CAN-28266: New Vulnerability Report at rgbe.c. CVE-2026-2050...

CVSS 7.8 | AI score 5.4 | EPSS 0.00548 | Exploits: 0 | References: 2

OSV
added 2026/02/23 4:45 p.m. | 9 views

MGASA-2026-0047 Updated gegl packages fix security vulnerabilities

ZDI-CAN-28618: New Vulnerability Report at rgbe.c. CVE-2026-2049 ZDI-CAN-28266: New Vulnerability Report at rgbe.c. CVE-2026-2050...

CVSS 7.8 | AI score 5.4 | EPSS 0.00548 | Exploits: 0 | References: 3

OpenVAS
added 2026/02/23 12:0 a.m. | 6 views

Debian: Security Advisory (DLA-4487-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 5.4 | EPSS 0.00548 | Exploits: 0 | References: 2

Debian
added 2026/02/21 10:22 a.m. | 5 views

[SECURITY] [DLA 4487-1] gegl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4487-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz February 21, 2026 https://wiki.debian.org/LTS -...

CVSS 7.8 | AI score 6.6 | EPSS 0.00548 | Exploits: 0

OSV
added 2026/02/21 12:0 a.m. | 4 views

DLA-4487-1 gegl - security update

Bulletin has no description...

CVSS 7.8 | AI score 5.1 | EPSS 0.00548 | Exploits: 0

Tenable Nessus
added 2026/02/21 12:0 a.m. | 6 views

Debian dla-4487 : gegl - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4487 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4487-1 [email protected]...

CVSS 7.8 | AI score 7.6 | EPSS 0.00548 | Exploits: 0 | References: 6

OpenVAS
added 2026/02/20 12:0 a.m. | 5 views

Debian: Security Advisory (DSA-6142-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 5.5 | EPSS 0.00548 | Exploits: 0 | References: 2