Lucene search
K

17 matches found

Ubuntu
Ubuntu
added 2026/03/31 12:19 a.m.8 views

USN-8135-1: Pillow vulnerabilities

It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...

9.1CVSS7.8AI score0.02876EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/05/13 12:0 a.m.23 views

openSUSE Security Advisory (SUSE-SU-2024:1607-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.1AI score0.02876EPSS
Exploits0References9
OSV
OSV
added 2024/05/10 4:35 p.m.12 views

SUSE-SU-2024:1607-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: - CVE-2021-25287: out-of-bounds read in J2kDecode in j2kugrayala bsc1185805 - CVE-2021-25288: out-of-bounds read in J2kDecode in j2kugrayi bsc1185803 - CVE-2021-28675: DoS in PsdImagePlugin bsc1185804 - CVE-2021-28676: infinite loop in...

9.1CVSS6.8AI score0.02876EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.20 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-146)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-146 advisory. An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 An issue was discovered in Pillow before 8.1.1. In...

9.8CVSS7.3AI score0.04851EPSS
Exploits0References24
Amazon
Amazon
added 2023/03/22 12:0 a.m.7 views

Important: python-pillow

Issue Overview: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries...

9.8CVSS7.8AI score0.04851EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2023-1288)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.03399EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.36 views

EulerOS Virtualization 3.0.6.6 : python-pillow (EulerOS-SA-2022-1142)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb...

9.8CVSS7AI score0.0318EPSS
Exploits1References6
Rockylinux
Rockylinux
added 2021/11/09 8:24 a.m.45 views

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...

9.8CVSS7.9AI score0.04851EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2021/11/09 8:24 a.m.44 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...

9.8CVSS7.5AI score0.04851EPSS
Exploits0References15
OSV
OSV
added 2021/11/09 8:24 a.m.31 views

RLSA-2021:4149 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...

9.1CVSS7.4AI score0.04851EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2021/10/26 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2611)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.03162EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/09/04 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2345)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02453EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/07/23 12:0 a.m.30 views

Debian: Security Advisory (DLA-2716-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.03162EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2187)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.7AI score0.04851EPSS
Exploits0References2
CVE
CVE
added 2021/06/02 3:18 p.m.212 views

CVE-2021-28677

CVE-2021-28677 affects Pillow before 8.2.0. The EPSImageFile.readline implementation mishandles line endings (combination of \r and \n) using a quadratic accumulation method, enabling a DoS during the open phase before an image is opened. Connected sources reference Pillow’s fix in 8.2.0 and note...

7.5CVSS8.1AI score0.02293EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2021/05/20 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4963-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.6AI score0.02876EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/05/20 12:0 a.m.50 views

Ubuntu 18.04 LTS / 20.04 LTS : Pillow vulnerabilities (USN-4963-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4963-1 advisory. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...

9.1CVSS6.8AI score0.02876EPSS
Exploits0References7
Rows per page
Query Builder