10 matches found

Ubuntu
added 2026/03/31 12:19 a.m. | 8 views

USN-8135-1: Pillow vulnerabilities

It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...

CVSS 9.1 | AI score 7.8 | EPSS 0.02876
Exploits: 0

OpenVAS
added 2024/05/13 12:0 a.m. | 23 views

openSUSE Security Advisory (SUSE-SU-2024:1607-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.1 | AI score 7.1 | EPSS 0.02876
Exploits: 0 | References: 9

OSV
added 2024/05/10 4:35 p.m. | 12 views

SUSE-SU-2024:1607-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: - CVE-2021-25287: out-of-bounds read in J2kDecode in j2ku_graya_la (bsc#1185805) - CVE-2021-25288: out-of-bounds read in J2kDecode in j2ku_gray_i (bsc#1185803) - CVE-2021-28675: DoS in PsdImagePlugin (bsc#1185804) - CVE-2021-28676: infinite loop in...

CVSS 9.1 | AI score 6.8 | EPSS 0.02876
Exploits: 0 | References: 13

OSV
added 2021/11/09 8:24 a.m. | 34 views

RLSA-2021:4149 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader (CVE-2021-25287); python-pillow:...

CVSS 9.1 | AI score 7.4 | EPSS 0.04851
Exploits: 0 | References: 16

AlmaLinux
added 2021/11/09 8:24 a.m. | 44 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader (CVE-2021-25287); python-pillow:...

CVSS 9.8 | AI score 7.5 | EPSS 0.04851
Exploits: 0 | References: 15

Rockylinux
added 2021/11/09 8:24 a.m. | 45 views

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The python-pillow packages contain a Python image processing library th...

CVSS 9.8 | AI score 7.9 | EPSS 0.04851
Exploits: 0

OpenVAS
added 2021/07/13 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2187)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.1 | AI score 7.7 | EPSS 0.04851
Exploits: 0 | References: 2

CVE
added 2021/06/02 3:13 p.m. | 205 views

CVE-2021-25288

Pillow CVE-2021-25288 is an out-of-bounds read vulnerability in the J2kDecode path (j2ku_gray_i) affecting Pillow before 8.2.0. Multiple sources confirm the flaw; remediation is to upgrade to Pillow 8.2.0 or later. Exploitation details are not provided in the supplied documents.

CVSS 9.1 | AI score 8.9 | EPSS 0.02876
Exploits: 0 | References: 4 | Affected Software: 1

Tenable Nessus
added 2021/05/20 12:0 a.m. | 50 views

Ubuntu 18.04 LTS / 20.04 LTS : Pillow vulnerabilities (USN-4963-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4963-1 advisory. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...

CVSS 9.1 | AI score 6.8 | EPSS 0.02876
Exploits: 0 | References: 7

OpenVAS
added 2021/05/20 12:0 a.m. | 24 views

Ubuntu: Security Advisory (USN-4963-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.1 | AI score 7.6 | EPSS 0.02876
Exploits: 0 | References: 2