Design/Logic Flaw

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution...

CLSA-2021-1635439636 Fix of CVE: CVE-2017-6363, CVE-2021-40145

CVE-2021-40145: check for memory allocation errors processing GD2 images - CVE-2017-6363: make sure transparent index is within bounds of the palette...

Adobe Photoshop 2021 buffer overflow vulnerability

Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. Adobe Photoshop 2021 22.5.1 and earlier versions are vulnerable to a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Photoshop 2021 memory buffer out-of-bounds access vulnerability

Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. Adobe Photoshop 2021 22.5.1 and earlier versions are vulnerable to a memory buffer out-of-bounds access vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Photoshop 2021 out-of-bounds read vulnerability

Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. Adobe Photoshop 2021 22.5.1 and earlier versions contain an out-of-bounds read vulnerability. An attacker could exploit this vulnerability to elevate privileges...

The vulnerability of the Python Pillow image processing library, related to reading beyond the allowed buffer data limits, allows an attacker to access confidential data and also trigger a denial-of-service attack.

The vulnerability of the image processing library in Python Pillow is related to reading data beyond the acceptable limits during the decoding of a created PCX file. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service failures...

About the security content of tvOS 15.1

About the security content of tvOS 15.1 This document describes the security content of tvOS 15.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVE-2021-30835

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2021-30847

This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution...

Code injection

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2021-30835

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2021-30847

CVE-2021-30847 affects Apple ImageIO on Windows (via iCloud for Windows 13). The vulnerability is a memory corruption issue triggered by processing a malicious image, leading to arbitrary code execution. Apple’s advisory lists the fix as part of iCloud for Windows 13 security content (HT212953) w...

Fedora: Security Advisory for python-pillow (FEDORA-2021-cbfaefb390)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for python2-pillow (FEDORA-2021-9f020cf155)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for python-pillow (FEDORA-2021-9f020cf155)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-5.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-8.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...