Lucene search
K

23 matches found

OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-4697-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7AI score0.01498EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.137 views

Rocky Linux 8 : python-pillow (RLSA-2021:4149)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4149 advisory. - Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigg...

9.8CVSS7.1AI score0.04851EPSS
Exploits0References31
Rockylinux
Rockylinux
added 2021/11/09 8:24 a.m.47 views

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...

9.8CVSS7.9AI score0.04851EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2021/11/09 8:24 a.m.50 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...

9.8CVSS7.5AI score0.04851EPSS
Exploits0References15
OSV
OSV
added 2021/11/09 8:24 a.m.35 views

RLSA-2021:4149 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...

9.1CVSS7.4AI score0.04851EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2021/07/23 12:0 a.m.30 views

Debian: Security Advisory (DLA-2716-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.03162EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1840)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.02372EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/13 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1729)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.04212EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/24 12:0 a.m.40 views

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2021-1702)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is truste...

7.1CVSS7AI score0.05426EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/03/24 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1702)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7.7AI score0.05426EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1383)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7.7AI score0.05426EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1570)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.01975EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/21 12:0 a.m.39 views

Fedora 33 : mingw-python-pillow / python-pillow (2021-a8ddc1ce70)

The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-a8ddc1ce70 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...

8.8CVSS7.1AI score0.01789EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/01/21 12:0 a.m.28 views

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-a8ddc1ce70)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.3AI score0.01789EPSS
Exploits0References2
OSV
OSV
added 2021/01/20 1:43 p.m.6 views

USN-4697-2 pillow vulnerabilities

USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted...

7.1CVSS6.8AI score0.01498EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2021/01/20 1:43 p.m.115 views

USN-4697-2: Pillow vulnerabilities

USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted...

7.1CVSS7.1AI score0.01498EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/18 5:22 p.m.139 views

USN-4697-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. CVE-2020-35653 It was discovered that Pillow...

8.8CVSS7.2AI score0.01789EPSS
Exploits0
NVD
NVD
added 2021/01/12 9:15 a.m.35 views

CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations...

7.1CVSS7.5AI score0.01498EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/01/12 9:15 a.m.32 views

CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations...

7.1CVSS7AI score0.01498EPSS
Exploits0References4
CVE
CVE
added 2021/01/12 8:2 a.m.326 views

CVE-2020-35653

CVE-2020-35653 affects Pillow up to version 8.0.x, where the PCX decoder (PcxDecode) may trigger a buffer over-read when processing a crafted PCX file because the user-supplied stride is trusted for buffer calculations. The issue is documented across multiple adapters (e.g., Debian, Arch, AlmaLin...

7.1CVSS7.7AI score0.01498EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder