Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.24 views

SUSE SLES15 Security Update : python-Pillow (SUSE-SU-2024:1673-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1673-2 advisory. - Fixed ImagePath.Path array handling bsc1194552, CVE-2022-22815, bsc1194551, CVE-2022-22816 - Use snprintf instead of sprintf bsc1188574,...

9.8CVSS7.2AI score0.04851EPSS
Exploits1References37
OpenVAS
OpenVAS
added 2024/05/24 12:0 a.m.27 views

openSUSE Security Advisory (SUSE-SU-2024:1673-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.04851EPSS
Exploits1References15
OSV
OSV
added 2024/03/06 11:5 a.m.28 views

BIT-PILLOW-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS7.8AI score0.02281EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/03/29 4:35 p.m.54 views

Out of bounds write in Pillow

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS2.9AI score0.02281EPSS
Exploits0References7Affected Software1
Veracode
Veracode
added 2021/03/22 4:44 a.m.45 views

Denial Of Service (DoS)

pillow is vulnerable to denial of service DoS. The vulnerability exists through a heap-based buffer overflow during the decoding of a malicious YCbCr file in RGBA mode. This CVE is due to an incomplete fix for CVE-2020-35654...

9.8CVSS3.6AI score0.02281EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2021/03/19 4:15 a.m.4 views

ALPINE-CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS9.1AI score0.02281EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2021/03/19 3:29 a.m.41 views

CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS9.7AI score0.02281EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.48 views

Fedora 32 : python-pillow / python2-pillow (2021-0ece308612)

The remote Fedora 32 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-0ece308612 advisory. - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/03/15 12:0 a.m.21 views

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-15845d3abe)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.7AI score0.04851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.40 views

Fedora 33 : mingw-python-pillow / python-pillow / python2-pillow (2021-15845d3abe)

The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-15845d3abe advisory. - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2021/03/03 12:0 a.m.50 views

CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS6.9AI score0.02281EPSS
Exploits0References3
OSV
OSV
added 2021/03/03 12:0 a.m.4 views

UBUNTU-CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS7.2AI score0.02281EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/01/21 12:0 a.m.39 views

Fedora 33 : mingw-python-pillow / python-pillow (2021-a8ddc1ce70)

The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-a8ddc1ce70 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...

8.8CVSS7.1AI score0.01789EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/01/21 12:0 a.m.28 views

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-a8ddc1ce70)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.3AI score0.01789EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2021/01/18 5:22 p.m.140 views

USN-4697-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. CVE-2020-35653 It was discovered that Pillow...

8.8CVSS7.2AI score0.01789EPSS
Exploits0
OSV
OSV
added 2021/01/12 9:15 a.m.8 views

UBUNTU-CVE-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode...

8.8CVSS7.2AI score0.01789EPSS
Exploits0References4
CVE
CVE
added 2021/01/12 8:6 a.m.221 views

CVE-2020-35654

Pillow CVE-2020-35654 affects TiffDecode: heap-based buffer overflow when decoding crafted YCbCr files due to interpretation conflicts with LibTIFF in RGBA mode. Affected versions are Pillow before 8.1.0 (and related notes indicate an incomplete fix extending to 8.1.1 per downstream advisories). ...

8.8CVSS9.2AI score0.01789EPSS
Exploits0References5Affected Software1
ArchLinux
ArchLinux
added 2021/01/12 12:0 a.m.153 views

[ASA-202101-11] python-pillow: multiple issues

Arch Linux Security Advisory ASA-202101-11 ========================================== Severity: Medium Date : 2021-01-12 CVE-ID : CVE-2020-35653 CVE-2020-35654 CVE-2020-35655 Package : python-pillow Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1438 Summary =======...

8.8CVSS0.6AI score0.01789EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2021/01/12 12:0 a.m.45 views

GLSA-202101-08 : Pillow: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202101-08 Pillow: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

8.8CVSS6.7AI score0.01789EPSS
Exploits0References4
Rows per page
Query Builder