Lucene search
HistoryAug 25, 2014 - 2:55 p.m.
CVE-2014-3589
cve-2014-3589
pil
icnsimageplugin
python imaging library
pillow
denial of service
remote attackers
crafted block size
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.4 Medium
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.9%
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.
Affected configurations
Node
debianpython-imagingMatch-
ORpythonpillowRange≤2.3.1
ORpythonpillowMatch2.3.0
ORpythonpillowMatch2.5.0
ORpythonpillowMatch2.5.1
ORpythonpillowMatch2.5.2
Node
opensuseopensuseMatch13.2
Related
nessus
nessus
Fedora 20 : python-pillow-2.2.1-5.fc20 (2014-9540)
2014-08-27 00:00:00
Oracle Solaris Third-Party Patch Update : py_pil (cve_2014_3589_input_validation)
2015-01-19 00:00:00
Mandriva Linux Security Advisory : python-imaging (MDVSA-2014:163)
2014-09-12 00:00:00
ubuntucve
ubuntucve
CVE-2014-3589
2014-08-25 00:00:00
mageia
mageia
Updated python-imaging & python-pillow packages fix CVE-2014-3589
2014-08-21 13:36:13
prion
prion
Code injection
2014-08-25 14:55:00
debian
debian
[DLA 41-1] python-imaging security update
2014-08-24 16:38:21
[SECURITY] [DSA 3009-1] python-imaging security update
2014-08-21 18:09:34
securityvulns
securityvulns
[SECURITY] [DSA 3009-1] python-imaging security update
2014-08-26 00:00:00
Python Imaging Library DoS
2014-08-26 00:00:00
[ MDVSA-2015:099 ] python-pillow
2015-04-19 00:00:00
osv
osv
PYSEC-2014-10
2014-08-25 14:55:00
python-imaging - security update
2014-08-21 00:00:00
Pillow denial of service via Crafted Block Size
2022-05-14 02:05:20
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0343)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-3009-1)
2014-08-20 00:00:00
Debian: Security Advisory (DLA-41-1)
2023-03-08 00:00:00
cvelist
cvelist
CVE-2014-3589
2014-08-25 14:00:00
debiancve
debiancve
CVE-2014-3589
2014-08-25 14:55:06
nvd
nvd
CVE-2014-3589
2014-08-25 14:55:06
github
github
Pillow denial of service via Crafted Block Size
2022-05-14 02:05:20
fedora
fedora
[SECURITY] Fedora 19 Update: python-pillow-2.0.0-14.gitd1c6db8.fc19
2014-08-27 01:29:32
[SECURITY] Fedora 20 Update: python-pillow-2.2.1-5.fc20
2014-08-27 01:32:03
[SECURITY] Fedora 19 Update: python-pillow-2.0.0-16.gitd1c6db8.fc19
2014-11-22 12:40:12
ubuntu
ubuntu
Python Imaging Library vulnerabilities
2016-09-15 00:00:00
Pillow vulnerabilities
2016-09-27 00:00:00
Pillow regresssion
2016-09-30 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.4 Medium
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.9%
Related for CVE-2014-3589