20 matches found
Pillow has a heap buffer overflow with nested list coordinates
Passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursively unpacked beyond the allocated buffer. Coordinate lists are now validated to...
Rocky Linux 8 : python-pillow (RLSA-2024:3005)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3005 advisory. python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument CVE-2023-44271 Tenable has extracted t...
CentOS 8 : python-pillow (CESA-2024:3005)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3005 advisory. - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a...
GLSA-202405-12 : Pillow: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202405-12 Pillow: Multiple Vulnerabilities - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having...
Updated python-pillow packages fix security vulnerabilities
CVE-2023-44271 Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. CVE-2024-28219 A...
Amazon Linux 2 : python-pillow (ALAS-2024-2508)
The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2508 advisory. An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory t...
EulerOS Virtualization 2.11.1 : python-pillow (EulerOS-SA-2024-1420)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process ...
EulerOS Virtualization 2.11.0 : python-pillow (EulerOS-SA-2024-1448)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process ...
EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2024-1368)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process ...
BIT-PILLOW-2023-44271
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...
RHEL 7 : python-pillow (RHSA-2024:0345)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0345 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...
python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument
A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...
EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2024-1071)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task,...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1071)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2023-1856 python-pillow security update
Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging \ Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. %package -n python3-pillow Summary: Python 3 image processing library Provides: python3-imaging = -...
CVE-2023-44271
A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...
CVE-2023-44271
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...
UBUNTU-CVE-2023-44271
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...
CVE-2023-44271
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...
CVE-2023-44271
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...