It's a concern because you may use parted/gparted on an untrusted virtual machine or a USB key. You don't want a malformed filesystem controlled by someone you don't mutually trust to subvert a tool running as root on your host.
libvirt[1] and libguestfs[2] specifically take steps to reduce the exposure. Parted did not, but it's now somewhat more secure for getting rid of features that are better done by another means.
So run it on a VM/throwaway machine. Once you achieve that level of paranoia it's really turtles all the way down. Next we'll be trying to get rid of e2tools...
A properly malicious filesystem will get you a compromised userspace program... big whoop, there are far far far more likely vectors for that, at least manipulating a strange and untrusted filesystem with gparted is something you have to try to do. The danger libguestfs is attempting to avoid does not apply here meaningfully.
It's a concern because you may use parted/gparted on an untrusted virtual machine or a USB key. You don't want a malformed filesystem controlled by someone you don't mutually trust to subvert a tool running as root on your host.
libvirt[1] and libguestfs[2] specifically take steps to reduce the exposure. Parted did not, but it's now somewhat more secure for getting rid of features that are better done by another means.
[1] https://rwmj.wordpress.com/2011/05/24/what-is-svirt/
[2] http://libguestfs.org/guestfs.3.html#security