
42 matches found

OSV
added 2021/06/02 4:15 p.m. · 3 views

ALPINE-CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i...

CVSS 9.1 · AI score 7 · EPSS 0.02342
Exploits 0 · References 1
OSV
added 2021/06/02 4:15 p.m. · 20 views

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la...

CVSS 9.1 · AI score 9.1 · EPSS 0.02876
Exploits 0 · References 4
Prion
added 2021/06/02 4:15 p.m. · 17 views

Out-of-bounds

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la...

CVSS 6.4 · AI score 8.9 · EPSS 0.02876
Exploits 0 · References 4 · Affected Software 2
Prion
added 2021/06/02 4:15 p.m. · 30 views

Out-of-bounds

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i...

CVSS 6.4 · AI score 8.9 · EPSS 0.02342
Exploits 0 · References 4 · Affected Software 2
OSV
added 2021/06/02 4:15 p.m. · 41 views

PYSEC-2021-138

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i...

CVSS 9.1 · AI score 2.3 · EPSS 0.02876
Exploits 0 · References 4
OSV
added 2021/06/02 4:15 p.m. · 61 views

PYSEC-2021-137

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la...

CVSS 9.1 · AI score 2.3 · EPSS 0.02876
Exploits 0 · References 4
Cvelist
added 2021/06/02 3:13 p.m. · 22 views

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i...

AI score 9.3 · EPSS 0.02876
Exploits 0 · References 4
CVE
added 2021/06/02 3:13 p.m. · 205 views

CVE-2021-25288

Pillow CVE-2021-25288 is an out-of-bounds read vulnerability in the J2kDecode path (j2ku_gray_i) affecting Pillow before 8.2.0. Multiple sources confirm the flaw; remediation is to upgrade to Pillow 8.2.0 or later. Exploitation details are not provided in the supplied documents.

CVSS 9.1 · AI score 8.9 · EPSS 0.02876
Exploits 0 · References 4 · Affected Software 1
Debian CVE
added 2021/06/02 3:13 p.m. · 35 views

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i...

CVSS 9.1 · AI score 9.2 · EPSS 0.02342
Exploits 0
AlpineLinux
added 2021/06/02 3:13 p.m. · 36 views

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i...

CVSS 9.1 · AI score 9.2 · EPSS 0.02342
Exploits 0
Cvelist
added 2021/06/02 3:13 p.m. · 25 views

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la...

AI score 9.3 · EPSS 0.02876
Exploits 0 · References 4
CVE
added 2021/06/02 3:13 p.m. · 215 views

CVE-2021-25287

Pillow CVE-2021-25287 affects the Python Pillow library prior to 8.2.0, with an out-of-bounds read in J2kDecode (function: j2ku_graya_la). The related CVE-2021-25288 affects J2kDecode in j2ku_gray_i. Public advisories and CNVD entries corroborate the out-of-bounds read in these JPEG 2000 decoding...

CVSS 9.1 · AI score 8.9 · EPSS 0.02876
Exploits 0 · References 4 · Affected Software 1
Debian CVE
added 2021/06/02 3:13 p.m. · 28 views

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la...

CVSS 9.1 · AI score 9.2 · EPSS 0.02876
Exploits 0
AlpineLinux
added 2021/06/02 3:13 p.m. · 42 views

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la...

CVSS 9.1 · AI score 9.2 · EPSS 0.02876
Exploits 0
RedhatCVE
added 2021/05/11 8:55 p.m. · 44 views

CVE-2021-25287

There is an out-of-bounds read in J2kDecode in j2ku_graya_la. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A. Mitigation: To mitigate this feature on Red Hat Quay keep the invoice generation feature disabled as it is by default...

CVSS 9.1 · AI score 1.2 · EPSS 0.02876
Exploits 0 · References 3
RedhatCVE
added 2021/05/11 8:55 p.m. · 45 views

CVE-2021-25288

There is an out-of-bounds read in J2kDecode in j2ku_gray_i. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A. Mitigation: To mitigate this feature on Red Hat Quay keep the invoice generation feature disabled, as it is by default...

CVSS 9.1 · AI score 1.2 · EPSS 0.02342
Exploits 0 · References 3
UbuntuCve
added 2021/05/10 12:0 a.m. · 40 views

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la...

CVSS 9.1 · AI score 6.9 · EPSS 0.02876
Exploits 0 · References 4
UbuntuCve
added 2021/05/10 12:0 a.m. · 41 views

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i...

CVSS 9.1 · AI score 6.9 · EPSS 0.02876
Exploits 0 · References 4
Positive Technologies
added 2021/05/10 12:0 a.m. · 3 views

PT-2021-16502 · Pillow +8 · Pillow +8

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.2.0 Description: An issue was discovered in Pillow. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i. This issue dates back to Pillow 2.4.0. Recommendations: For Pillow versions prior to 8.2.0, update to...

CVSS 9.8 · AI score 6.8 · EPSS 0.04851
Exploits 1 · References 177
Positive Technologies
added 2021/05/10 12:0 a.m. · 2 views

PT-2021-16501 · Pillow +8 · Pillow +8

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.2.0 Description: An issue was discovered in Pillow, where there is an out-of-bounds read in J2kDecode, specifically in j2ku_graya_la and j2ku_gray_i. This issue dates back to Pillow 2.4.0. Recommendations: For Pillo...

CVSS 9.8 · AI score 6.8 · EPSS 0.04851
Exploits 1 · References 184