Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.

References

people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1932.html

bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059

openvas 13

cve 2

mageia 3

osv 4

prion 2

github 2

debiancve 2

nvd 2

nessus 18

ubuntucve 3

amazon 1

fedora 2

cvelist 1

securityvulns 4

ubuntu 1

gentoo 1

openvas

Mageia: Security Advisory (MGASA-2014-0476)

2022-01-28 00:00:00

Fedora Update for python-pillow FEDORA-2014-14883

2014-11-23 00:00:00

Fedora Update for python-pillow FEDORA-2014-14980

2014-11-23 00:00:00

cve

CVE-2014-3007

2022-10-03 16:20:22

CVE-2014-1932

2014-04-17 14:55:11

mageia

Updated python-imaging and python-pillow packages fix security vulnerability

2014-11-21 15:44:16

Updated python-pillow packages fix insecure use of temporary files

2014-04-03 19:18:48

Updated python-imaging package fixes insecure use of temporary files

2014-04-03 19:18:48

osv

Pillow command injection

2022-05-17 04:45:39

PYSEC-2014-87

2014-04-27 20:55:00

PYSEC-2014-22

2014-04-17 14:55:00

prion

Design/Logic Flaw

2014-04-27 20:55:00

Design/Logic Flaw

2014-04-17 14:55:00

github

Pillow command injection

2022-05-17 04:45:39

PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles

2022-05-17 02:39:13

debiancve

CVE-2014-3007

2022-10-03 16:20:22

CVE-2014-1932

2014-04-17 14:55:11

nvd

CVE-2014-3007

2014-04-27 20:55:23

CVE-2014-1932

2014-04-17 14:55:11

nessus

Amazon Linux 2 : python-pillow (ALAS-2023-2286)

2023-10-05 00:00:00

Fedora 19 : python-pillow-2.0.0-16.gitd1c6db8.fc19 (2014-14980)

2014-11-24 00:00:00

Fedora 20 : python-pillow-2.2.1-7.fc20 (2014-14883)

2014-11-24 00:00:00

ubuntucve

CVE-2014-3007

2014-04-27 00:00:00

CVE-2014-1932

2014-02-21 00:00:00

CVE-2014-1933

2014-02-21 00:00:00

amazon

Important: python-pillow

2023-09-27 22:49:00

fedora

[SECURITY] Fedora 20 Update: python-pillow-2.2.1-7.fc20

2014-11-22 12:39:31

[SECURITY] Fedora 19 Update: python-pillow-2.0.0-16.gitd1c6db8.fc19

2014-11-22 12:40:12

cvelist

CVE-2014-1932

2014-04-17 14:00:00

securityvulns

pillow multiple security vulnerabilities

2015-04-19 00:00:00

[ MDVSA-2015:099 ] python-pillow

2015-04-19 00:00:00

[USN-2168-1] Python Imaging Library vulnerabilities

2014-05-04 00:00:00

ubuntu

Python Imaging Library vulnerabilities

2014-04-15 00:00:00

gentoo

Pillow: Multiple vulnerabilities

2016-12-31 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.3%

JSON

Related for CVELIST:CVE-2014-3007