10 matches found
USN-8135-1: Pillow vulnerabilities
It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...
openSUSE Security Advisory (SUSE-SU-2024:1607-1)
The remote host is missing an update for the...
SUSE-SU-2024:1607-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2021-25287: out-of-bounds read in J2kDecode in j2ku_graya_la (bsc#1185805) - CVE-2021-25288: out-of-bounds read in J2kDecode in j2ku_gray_i (bsc#1185803) - CVE-2021-28675: DoS in PsdImagePlugin (bsc#1185804) - CVE-2021-28676: infinite loop in...
RLSA-2021:4149 Moderate: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader (CVE-2021-25287); python-pillow:...
Moderate: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader (CVE-2021-25287); python-pillow:...
python-pillow security update
An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The python-pillow packages contain a Python image processing library th...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2187)
The remote host is missing an update for the Huawei EulerOS...
CVE-2021-25288
Pillow CVE-2021-25288 is an out-of-bounds read vulnerability in the J2kDecode path (j2ku_gray_i) affecting Pillow before 8.2.0. Multiple sources confirm the flaw; remediation is to upgrade to Pillow 8.2.0 or later. Exploitation details are not provided in the supplied documents.
Ubuntu 18.04 LTS / 20.04 LTS : Pillow vulnerabilities (USN-4963-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4963-1 advisory. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...
Ubuntu: Security Advisory (USN-4963-1)
The remote host is missing an update for the...