518 matches found
ALPINE-CVE-2022-44617
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...
SUSE: Security Advisory (SUSE-SU-2023:0187-1)
The remote host is missing an update for the...
DEBIAN-CVE-2022-48281
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image...
libXpm Security Vulnerability
libXpm is an image file format library from lib open source. A security vulnerability exists in libXpm. An attacker can exploit the vulnerability to cause an application denial of service...
OpenImageIO Stack Buffer Overflow Vulnerability
OpenImageIO is an image read and write library that also provides several tools and applications. A stack buffer overflow vulnerability exists in the TGA file format parser in OpenImageIO v2.3.19.0. An attacker could exploit this vulnerability to cause out-of-bounds writes and arbitrary code...
OpenImageIO code execution vulnerability
OpenImageIO is an image read and write library that also provides several tools and applications. A code execution vulnerability exists in the OpenImageIO DDS scanline parsing feature. An attacker could exploit the vulnerability to cause a heap buffer overflow via a specially crafted .dds...
OpenImageIO Out-of-Bounds Write Vulnerability
OpenImageIO is an image read/write library, along with a number of tools and applications. OpenImageIO suffers from an out-of-bounds write vulnerability, which is caused by an out-of-bounds write flaw in the OpenImageIO::add_exif_item_to_spec function. An attacker could use this vulnerability to...
USN-5742-1 jbigkit vulnerability
It was discovered that JBIG-KIT incorrectly handled decoding certain large image files. If a user or automated system using JBIG-KIT were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service...
Pillow Resource Management Error Vulnerability
Pillow is a Python based image processing library. A security vulnerability exists in Pillow versions prior to 9.3.0 that stems from allowing denial of service via SAMPLESPERPIXEL...
UBUNTU-CVE-2021-37789
stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service...
USN-5664-1: OpenJPEG vulnerabilities
It was discovered that OpenJPEG did not properly handle PNM headers, resulting in a null pointer dereference. A remote attacker could possibly use this issue to cause a denial of service (DoS). (CVE-2016-7445) It was discovered that OpenJPEG incorrectly handled certain image files resulting in divisi...
The vulnerability of the command-line parameter -ImgDir in the OpenJPEG library for image encoding and decoding allows an attacker to trigger a service failure.
The vulnerability of the “command-line parameter -imgDir” in the OpenJPEG image encoding and decoding library is related to incorrect handling of directories containing a large number of files. Exploiting this vulnerability allows an attacker to cause service failures remotely...
The vulnerability of the DGifDecompressLine function in the dgif_lib.c component of the GIFLIB library allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the DGifDecompressLine function in the dgif_lib.c component of the GIF file processing library GIFLIB is related to the lack of array index checking. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause servi...
The vulnerability of the tif_unix.c component in the LibTIFF library allows a hacker to cause a service failure.
The vulnerability of the tif_unix.c component in the LibTIFF library is related to reading data beyond the allowable buffer size. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Libraw Buffer Error Vulnerability
Libraw is a C++ library from Libraw Inc. for processing RAW (CRW/CR2, NEF, RAF, DNG, and others) format images, supporting various operating systems. A security vulnerability exists in Libraw, which stems from an out-of-bounds read in the adobe_copy_pixel function when reading data from an image file...
[SECURITY] Fedora 36 Update: OpenImageIO-2.3.18.0-2.fc36
OpenImageIO is a library for reading and writing images, and a bunch of related classes, utilities, and applications. Main features include: - Extremely simple but powerful ImageInput and ImageOutput APIs for reading and writing 2D images that is format agnostic. - Format plugins for TIFF,...
08cms (=1.0.0), 18a58t9c-upload (>=1.0.0 <=1.0.3) +3477 more potentially affected by CVE-2022-25851 via jpeg-js (>=0.0.1 <=0.4.3)
jpeg-js NPM version =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =0.0.2, =0.0.1, =0.0.3, =1.0.0, =0.0.2, =2.2.1, =3.4.7 - @lan/uni-libs =0.0.3 and more Source cves: CVE-2022-25851 Source advisory: SNYK:JS-JPEGJS-2859218...
Pillow command injection
Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.5.0 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py...
GHSA-8M9X-PXWQ-J236 Pillow command injection
Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.5.0 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py...
PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users...