42 matches found
ALPINE-CVE-2021-25288
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...
CVE-2021-25287
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
Out-of-bounds
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
Out-of-bounds
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...
PYSEC-2021-138
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...
PYSEC-2021-137
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
CVE-2021-25288
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...
CVE-2021-25288
Pillow CVE-2021-25288 is an out-of-bounds read vulnerability in the J2kDecode path (j2ku_gray_i) affecting Pillow before 8.2.0. Multiple sources confirm the flaw; remediation is to upgrade to Pillow 8.2.0 or later. Exploitation details are not provided in the supplied documents.
CVE-2021-25288
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...
CVE-2021-25288
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...
CVE-2021-25287
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
CVE-2021-25287
Pillow CVE-2021-25287 affects the Python Pillow library prior to 8.2.0, with an out-of-bounds read in J2kDecode (function: j2ku_graya_la). The related CVE-2021-25288 affects J2kDecode in j2ku_gray_i. Public advisories and CNVD entries corroborate the out-of-bounds read in these JPEG 2000 decoding...
CVE-2021-25287
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
CVE-2021-25287
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
CVE-2021-25287
There is an out-of-bounds read in J2kDecode in j2kugrayala. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A. Mitigation To mitigate this feature on Red Hat Quay keep the invoice generation feature disabled as it is by default...
CVE-2021-25288
There is an out-of-bounds read in J2kDecode in j2kugrayi. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A. Mitigation To mitigate this feature on Red Hat Quay keep the invoice generation feature disabled, as it is by default...
CVE-2021-25287
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
CVE-2021-25288
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...
PT-2021-16502 · Pillow +8 · Pillow +8
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.2.0 Description: An issue was discovered in Pillow. There is an out-of-bounds read in J2kDecode, in j2ku gray i. This issue dates back to Pillow 2.4.0. Recommendations: For Pillow versions prior to 8.2.0, update to...
PT-2021-16501 · Pillow +8 · Pillow +8
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.2.0 Description: An issue was discovered in Pillow, where there is an out-of-bounds read in J2kDecode, specifically in j2ku graya la and j2ku gray i. This issue dates back to Pillow 2.4.0. Recommendations: For Pillo...