56 matches found
MiracleLinux 8 : python-pillow-5.1.1-21.el8_10 (AXSA:2024-8509:05)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8509:05 advisory. python-pillow: buffer overflow in imagingcms.c CVE-2024-28219 Tenable has extracted the preceding description block directly from the MiracleLinux security...
CVE-2024-28219
creationtimestamp| type| source ---|---|--- 2025-07-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-04...
TencentOS Server 4: python-pillow (TSSA-2024:0923)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0923 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: python-pillow (TSSA-2024:0292)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0292 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2025-1450)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2025-1479)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Alibaba Cloud Linux 3 : 0213: python-pillow (ALINUX3-SA-2024:0213)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0213 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-28219: In imagingcms.c in Pillow before...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to pillow-10.2.0-cp38-cp38-manylinux_2_28_x86_64.whl CVE-2024-28219
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to pillow-10.2.0-cp38-cp38-manylinux228x8664.whl CVE-2024-28219. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-28219 DESCRIPTION: Pillow is vulnerable to a buff...
openSUSE Security Advisory (SUSE-SU-2024:1258-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities.
Summary IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities. Vulnerability Details CVEID:CVE-2024-32879 DESCRIPTION: Python Social Auth Django could allow a remote authenticated attacker to bypass security restrictions, caused by improper handling of case...
GLSA-202411-07 : Pillow: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-202411-07 Pillow: Arbitrary code execution A vulnerability has been discovered in Pillow. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gento...
Medium: python-pillow
Issue Overview: In imagingcms.c, two strcpy calls were able to copy too much data into fixed length strings. This has been fixed by using strncpy instead. CVE-2024-28219 Affected Packages: python-pillow Issue Correction: Run dnf update python-pillow --releasever 2023.6.20241111 to update your...
Medium: python-pillow
Issue Overview: In imagingcms.c, two strcpy calls were able to copy too much data into fixed length strings. This has been fixed by using strncpy instead. CVE-2024-28219 Affected Packages: python-pillow Issue Correction: Run dnf update python-pillow --releasever 2023.6.20241111 or dnf update...
Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2024-767)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-767 advisory. In imagingcms.c, two strcpy calls were able to copy too much data into fixed length strings. This has been fixed by using strncpy instead. CVE-2024-28219 Tenable has extracted the preceding description...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2488)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2378)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2403)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2024-2403)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2024-2378)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2336)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...