Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.24 views

SUSE SLES15 Security Update : python-Pillow (SUSE-SU-2024:1673-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1673-2 advisory. - Fixed ImagePath.Path array handling bsc1194552, CVE-2022-22815, bsc1194551, CVE-2022-22816 - Use snprintf instead of sprintf bsc1188574,...

9.8CVSS7.2AI score0.04851EPSS
Exploits1References37
OpenVAS
OpenVAS
added 2024/05/24 12:0 a.m.27 views

openSUSE Security Advisory (SUSE-SU-2024:1673-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.04851EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.20 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-146)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-146 advisory. An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 An issue was discovered in Pillow before 8.1.1. In...

9.8CVSS7.3AI score0.04851EPSS
Exploits0References24
Amazon
Amazon
added 2023/03/22 12:0 a.m.8 views

Important: python-pillow

Issue Overview: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries...

9.8CVSS7.8AI score0.04851EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.2 views

SUSE CVE-2021-27921

Pillow before 8.1.2 allows attackers to cause a denial of service memory consumption because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large...

7.5CVSS8.9AI score0.0317EPSS
Exploits0References7
OSV
OSV
added 2021/11/09 8:24 a.m.35 views

RLSA-2021:4149 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...

9.1CVSS7.4AI score0.04851EPSS
Exploits0References16
Rockylinux
Rockylinux
added 2021/11/09 8:24 a.m.47 views

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...

9.8CVSS7.9AI score0.04851EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2021/11/09 8:24 a.m.50 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...

9.8CVSS7.5AI score0.04851EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2187)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.7AI score0.04851EPSS
Exploits0References2
OSV
OSV
added 2021/04/07 11:2 a.m.6 views

OESA-2021-1146 python-pillow security update

Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. Security Fixes: In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SG...

7.5CVSS7.2AI score0.04851EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/03/15 12:0 a.m.21 views

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-15845d3abe)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.7AI score0.04851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.48 views

Fedora 32 : python-pillow / python2-pillow (2021-0ece308612)

The remote Fedora 32 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-0ece308612 advisory. - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/03/15 12:0 a.m.23 views

Fedora: Security Advisory for python-pillow (FEDORA-2021-15845d3abe)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.7AI score0.04851EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/12 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-4763-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References2
OSV
OSV
added 2021/03/11 2:56 p.m.3 views

USN-4763-1 pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only...

9.8CVSS7.2AI score0.04851EPSS
Exploits0References9
OSV
OSV
added 2021/03/03 9:15 a.m.4 views

DEBIAN-CVE-2021-27921

Pillow before 8.1.2 allows attackers to cause a denial of service memory consumption because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large...

7.5CVSS6.8AI score0.0317EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/03 8:41 a.m.21 views

CVE-2021-27921

Pillow before 8.1.2 allows attackers to cause a denial of service memory consumption because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large...

8.4AI score0.0317EPSS
Exploits0References5
CVE
CVE
added 2021/03/03 8:41 a.m.271 views

CVE-2021-27921

CVE-2021-27921 concerns Pillow (Python Imaging Library). Affected: Pillow up to 8.1.1/8.1.2 before 8.1.2. Issue: memory-allocating DoS due to the reported size of a contained image not being properly checked for BLP containers, allowing a very large allocation. Impact: potential denial of service...

7.5CVSS6.7AI score0.0317EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder