38 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability in pillow

Pillow through 10.1.0 allows for arbitrary code execution via the environment parameter. This is a different vulnerability than CVE-2022-22817, which involved the expression parameter...

CVSS 8.1 | AI score 7.6 | EPSS 0.01703
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/19 12:0 a.m. | 5 views

MiracleLinux 8 : python-pillow-5.1.1-18.el8 (AXSA:2022-3080:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3080:02 advisory. python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions CVE-2022-22817 python-pillow: buffer over-read during initialization of...

CVSS 9.8 | AI score 6.1 | EPSS 0.03399
Exploits: 0 | References: 3

Circl
added 2025/07/22 10:0 a.m. | 4 views

CVE-2022-22817

creationtimestamp | type | source
---|---|---
2025-07-22 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-04...

CVSS 9.8 | AI score 7.3 | EPSS 0.03399
Exploits: 0 | References: 1

OPENSUSE Linux
added 2025/01/15 12:0 a.m. | 5 views

python311-Pillow-11.1.0-1.1 on GA media (moderate)

python311-Pillow-11.1.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14645-1 Rating: moderate Cross-References: CVE-2022-22817 CVE-2022-24303 CVE-2022-30595 CVSS scores: CVE-2022-22817 SUSE : 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L CVE-2022-24303 SUSE : 5.9...

CVSS 5.9 | AI score 7.1 | EPSS 0.03399
Exploits: 1

OpenVAS
added 2024/03/22 12:0 a.m. | 22 views

Debian: Security Advisory (DLA-3768-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9 | EPSS 0.03399
Exploits: 1 | References: 2

Tenable Nessus
added 2024/02/29 12:0 a.m. | 31 views

RHEL 8 : python-pillow (RHSA-2024:1059)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1059 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...

CVSS 8.1 | AI score 7.2 | EPSS 0.01703
Exploits: 0 | References: 4

Mageia
added 2024/01/30 8:57 p.m. | 72 views

Updated python-pillow packages fix a security vulnerability

This update fixes the following security issue: Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter. This is a different vulnerability than CVE-2022-22817, which was about the expression parameter...

CVSS 8.1 | AI score 7.8 | EPSS 0.01703
Exploits: 0 | References: 1

Prion
added 2024/01/19 8:15 p.m. | 29 views

Code injection

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter...

CVSS 5.1 | AI score 9.4 | EPSS 0.03399
Exploits: 0 | References: 5 | Affected Software: 2

F5 Networks
added 2023/02/21 6:48 p.m. | 52 views

K23413369: Python-Pillow vulnerabilities CVE-2022-22816, CVE-2022-22817

Security Advisory Description: path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. (CVE-2022-22816) PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda...

CVSS 9.8 | AI score 6.8 | EPSS 0.03399
Exploits: 0

OpenVAS
added 2023/01/31 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2023-1288)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.2 | EPSS 0.03399
Exploits: 1 | References: 2

Tenable Nessus
added 2022/11/15 12:0 a.m. | 25 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-pillow Multiple Vulnerabilities (NS-SA-2022-0081)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-pillow packages installed that are affected by multiple vulnerabilities: - path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. (CVE-2022-22816) -...

CVSS 9.8 | AI score 7.4 | EPSS 0.03399
Exploits: 0 | References: 5

OSV
added 2022/10/24 12:56 p.m. | 4 views

USN-5227-3 pillow vulnerability

USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...

CVSS 9.8 | AI score 7 | EPSS 0.03399
Exploits: 0 | References: 2

Tenable Nessus
added 2022/07/14 12:0 a.m. | 28 views

EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2022-2065)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. (CVE-2022-22815) - path_getbbox in path.c ...

CVSS 9.8 | AI score 7.2 | EPSS 0.03399
Exploits: 0 | References: 5

OpenVAS
added 2022/05/19 12:0 a.m. | 17 views

Mageia: Security Advisory (MGASA-2022-0166)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.7 | EPSS 0.03399
Exploits: 0 | References: 7

OpenVAS
added 2022/05/09 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1690)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.5 | EPSS 0.03399
Exploits: 0 | References: 2

Amazon
added 2022/04/27 12:0 a.m. | 70 views

Important: python-pillow

Issue Overview: A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to unauthorized memory access that causes memory access errors, incorrect results, or...

CVSS 9.8 | AI score 7.2 | EPSS 0.03399
Exploits: 0

OpenVAS
added 2022/04/25 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1583)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.5 | EPSS 0.03399
Exploits: 0 | References: 2

OpenVAS
added 2022/04/20 12:0 a.m. | 21 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1436)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.5 | EPSS 0.03399
Exploits: 0 | References: 2

OpenVAS
added 2022/04/20 12:0 a.m. | 17 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1495)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.5 | EPSS 0.03399
Exploits: 0 | References: 2

OpenVAS
added 2022/04/20 12:0 a.m. | 16 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1457)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.5 | EPSS 0.03399
Exploits: 0 | References: 2