Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-3080-1
HistorySep 15, 2016 - 12:00 a.m.

Python Imaging Library vulnerabilities

2016-09-1500:00:00
ubuntu.com
37

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.073 Low

EPSS

Percentile

94.1%

JSON

Releases

  • Ubuntu 12.04

Packages

  • python-imaging - Python Imaging Library

Details

Eric Soroos discovered that the Python Imaging Library incorrectly handled
certain malformed FLI or PhotoCD files. A remote attacker could use this
issue to cause Python Imaging Library to crash, resulting in a denial of
service. (CVE-2016-0775, CVE-2016-2533)

Andrew Drake discovered that the Python Imaging Libray incorrectly validated
input. A remote attacker could use this to cause Python Imaging Library to
crash, resulting in a denial of service. (CVE-2014-3589)

OSVersionArchitecturePackageVersionFilename
Ubuntu12.04noarchpython-imaging< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-dbg< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-dbgsym< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-sane< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-sane-dbg< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-sane-dbgsym< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-tk< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-tk-dbg< 1.1.7-4ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-imaging-tk-dbgsym< 1.1.7-4ubuntu0.12.04.2UNKNOWN

Related

openvas 24
nessus 32
osv 7
ubuntu 2
debian 4
debiancve 3
github 3
securityvulns 4
nvd 3
cve 3
cvelist 3
ubuntucve 3
mageia 2
prion 3
freebsd 1
amazon 1
fedora 6
threatpost 1
gentoo 1
rosalinux 1
openvas
openvas
Ubuntu: Security Advisory (USN-3080-1)
2018-10-26 00:00:00
Debian: Security Advisory (DLA-422-1)
2023-03-08 00:00:00
Ubuntu: Security Advisory (USN-3090-2)
2022-08-26 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : python-imaging vulnerabilities (USN-3080-1)
2016-09-16 00:00:00
Ubuntu 14.04 LTS : Pillow regresssion (USN-3090-2)
2016-10-03 00:00:00
Ubuntu 14.04 LTS : Pillow vulnerabilities (USN-3090-1)
2016-09-28 00:00:00
osv
osv
python-imaging - security update
2016-02-21 00:00:00
Pillow buffer overflow in ImagingPcdDecode
2018-07-24 20:15:13
python-imaging - security update
2014-08-21 00:00:00
ubuntu
ubuntu
Pillow regresssion
2016-09-30 00:00:00
Pillow vulnerabilities
2016-09-27 00:00:00
debian
debian
[SECURITY] [DSA 3499-1] pillow security update
2016-02-28 22:14:45
[DLA 41-1] python-imaging security update
2014-08-24 16:38:21
[SECURITY] [DSA 3009-1] python-imaging security update
2014-08-21 18:09:34
debiancve
debiancve
CVE-2016-2533
2016-04-13 16:59:14
CVE-2014-3589
2014-08-25 14:55:06
CVE-2016-0775
2016-04-13 16:59:02
github
github
Pillow buffer overflow in ImagingPcdDecode
2018-07-24 20:15:13
Pillow denial of service via Crafted Block Size
2022-05-14 02:05:20
Pillow Buffer overflow in ImagingFliDecode
2018-07-24 20:15:36
securityvulns
securityvulns
Python Imaging Library DoS
2014-08-26 00:00:00
[SECURITY] [DSA 3009-1] python-imaging security update
2014-08-26 00:00:00
[ MDVSA-2015:099 ] python-pillow
2015-04-19 00:00:00
nvd
nvd
CVE-2014-3589
2014-08-25 14:55:06
CVE-2016-2533
2016-04-13 16:59:14
CVE-2016-0775
2016-04-13 16:59:02
cve
cve
CVE-2014-3589
2014-08-25 14:55:06
CVE-2016-2533
2016-04-13 16:59:14
CVE-2016-0775
2016-04-13 16:59:02
cvelist
cvelist
CVE-2016-2533
2016-04-13 16:00:00
CVE-2014-3589
2014-08-25 14:00:00
CVE-2016-0775
2016-04-13 16:00:00
ubuntucve
ubuntucve
CVE-2014-3589
2014-08-25 00:00:00
CVE-2016-2533
2016-04-13 00:00:00
CVE-2016-0775
2016-04-13 00:00:00
mageia
mageia
Updated python-imaging & python-pillow packages fix CVE-2014-3589
2014-08-21 13:36:13
Updated python-pillow packages fix security vulnerability
2016-02-17 22:06:01
prion
prion
Code injection
2014-08-25 14:55:00
Buffer overflow
2016-04-13 16:59:00
Buffer overflow
2016-04-13 16:59:00
freebsd
freebsd
py-imaging, py-pillow -- Buffer overflow in FLI decoding code
2016-02-05 00:00:00
amazon
amazon
Medium: python-pillow
2024-02-15 03:52:00
fedora
fedora
[SECURITY] Fedora 20 Update: python-pillow-2.2.1-5.fc20
2014-08-27 01:32:03
[SECURITY] Fedora 19 Update: python-pillow-2.0.0-14.gitd1c6db8.fc19
2014-08-27 01:29:32
[SECURITY] Fedora 22 Update: python-pillow-2.8.2-4.fc22
2016-02-21 02:28:07
threatpost
threatpost
Popular Android App Leaks Microsoft Exchange User Credentials
2016-10-14 08:00:37
gentoo
gentoo
Pillow: Multiple vulnerabilities
2016-12-31 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1957
2021-07-02 18:03:40

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.073 Low

EPSS

Percentile

94.1%

JSON
Related for USN-3080-1
openvas24nessus32osv7ubuntu2debian4debiancve3github3securityvulns4nvd3cve3cvelist3ubuntucve3mageia2prion3freebsd1amazon1fedora6threatpost1gentoo1rosalinux1