[SECURITY] [DLA 2152-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u9 CVE ID : CVE-2019-12921 A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that allows allows an attacker to read arbitrary files via a crafted image because of TranslateTextEx for SVG. For Debian 8 "Jessie"...

Adobe Photoshop Buffer Overflow Vulnerability (CNVD-2020-17967)

Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. A buffer overflow vulnerability exists in Adobe Photoshop. An attacker could exploit this vulnerability to execute arbitrary code...

Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-16507)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A buffer overflow vulnerability exists in the JPEG raster image parser igcore19d.dll in Accusoft ImageGear version 19.5.0. A remote attacker could exploit this vulnerability to execute code...

CVE-2020-3878

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to...

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lea...

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lea...

Input validation

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2020-3878

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to...

RHEL 7 : python-pillow (RHSA-2020:0578)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0578 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

Oracle Linux 7 : python-pillow (ELSA-2020-0578)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0578 advisory. - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 Tenable has extracted the preceding description block...

Important: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service

A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a long time while processing specially crafted image files, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to this flaw...

Apple macOS Catalina Image Processing Component Memory Corruption Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple for Mac computers, of which Image Processing is a component. A security vulnerability exists in the Image Processing component of Apple macOS Catalina versions prior to 10.15.3. The vulnerability can be exploited to execute...

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2020-1128)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very...

[SECURITY] Fedora 30 Update: python-pillow-5.4.1-4.fc30

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Fedora: Security Advisory for python-pillow (FEDORA-2020-5cdbb19cca)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

USN-4266-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

[SECURITY] Fedora 31 Update: python-pillow-6.2.2-1.fc31

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...