4 matches found
psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
Summary: A security review of the psd_tools.compression module, conducted against the fix/invalid-rle-compression branch (commits 7490ffa–2a006f5), identified the following pre-existing issues. The two findings introduced and fixed by those commits Cython buffer overflow, IndexError on lone repeat...
CVE-2025-12359
CVE-2025-12359: The WordPress plugin Responsive Lightbox & Gallery (versions up to 2.5.3) is affected by an authenticated SSRF in get_image_size_by_url due to insufficient validation of user-supplied URLs when determining image dimensions for gallery items. Exploitation requires Author+ privileg...
Linux Distros Unpatched Vulnerability : CVE-2020-6851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation...
SUSE CVE-2020-6851
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation...