Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.24 views

SUSE SLES15 Security Update : python-Pillow (SUSE-SU-2024:1673-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1673-2 advisory. - Fixed ImagePath.Path array handling bsc1194552, CVE-2022-22815, bsc1194551, CVE-2022-22816 - Use snprintf instead of sprintf bsc1188574,...

9.8CVSS7.2AI score0.04851EPSS
Exploits1References37
OpenVAS
OpenVAS
added 2024/05/24 12:0 a.m.27 views

openSUSE Security Advisory (SUSE-SU-2024:1673-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.04851EPSS
Exploits1References15
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.70 views

K14102355: Python Pillow vulnerability CVE-2021-25289

Security Advisory Description An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-3565...

9.8CVSS7.7AI score0.02281EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/09/28 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2564)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.03162EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/09/28 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2540)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.03162EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/03/19 3:29 a.m.44 views

CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.7AI score0.02281EPSS
Exploits0References2
CVE
CVE
added 2021/03/19 3:29 a.m.248 views

CVE-2021-25289

CVE-2021-25289 affects Pillow before 8.1.1. The issue is a heap-based buffer overflow in TiffDecode when decoding crafted YCbCr files, triggered by interpretation conflicts with LibTIFF in RGBA mode. This stems from an incomplete fix for CVE-2020-35654. The CVE is documented with high severity (C...

9.8CVSS9.4AI score0.02281EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2021/03/19 3:29 a.m.39 views

CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS7.6AI score0.02281EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/03/15 12:0 a.m.21 views

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-15845d3abe)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.7AI score0.04851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.48 views

Fedora 32 : python-pillow / python2-pillow (2021-0ece308612)

The remote Fedora 32 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-0ece308612 advisory. - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/03/15 12:0 a.m.23 views

Fedora: Security Advisory for python-pillow (FEDORA-2021-15845d3abe)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.7AI score0.04851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.40 views

Fedora 33 : mingw-python-pillow / python-pillow / python2-pillow (2021-15845d3abe)

The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-15845d3abe advisory. - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/03/12 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-4763-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References2
OSV
OSV
added 2021/03/11 2:56 p.m.3 views

USN-4763-1 pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only...

9.8CVSS7.2AI score0.04851EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2021/03/03 5:4 p.m.37 views

CVE-2021-25289

A flaw was found in python-pillow. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. The previous fix for CVE-2020-35654 was insufficient due to incorrect error checking in TiffDecode.c. The highest...

9.8CVSS2.2AI score0.02281EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/03/03 12:0 a.m.50 views

CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS6.9AI score0.02281EPSS
Exploits0References3
Rows per page
Query Builder