190 matches found
SUSE CVE-2018-1000039
In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file...
SUSE CVE-2018-1000040
In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service crash or influence program flow via a crafted file...
SUSE CVE-2021-25292
An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS ReDoS attack via a crafted PDF file because of a catastrophic backtracking regex...
GHSA-RCRX-FPJP-MFRW Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp
Impact The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be appended to another. Patches It has been patched in 2.6.0 for muhammara and not at all for hummus Workarounds Do not process...
AlmaLinux 8 : python-pillow (ALSA-2021:4149)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4149 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer...
EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2021-2731)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb...
EulerOS Virtualization 2.9.0 : python-pillow (EulerOS-SA-2021-2775)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2775)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2564)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2540)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of...
EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-2481)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2481)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:1939-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2021-25292: Fixed a backtracking regex in PDF parser could be used as a DOS attack bsc1183101. - CVE-2021-25290: Fixed a negative-offset memcpy with an invalid size in TiffDecode.c bsc1183105. - CVE-2021-27922,CVE-2021-27923: Fixed...
SUSE: Security Advisory (SUSE-SU-2021:1174-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for clamav (openSUSE-SU-2021:0555-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:0555-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...
SUSE SLES12 Security Update : clamav (SUSE-SU-2021:1189-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
SUSE SLED15 / SLES15 Security Update : clamav (SUSE-SU-2021:1190-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
Security update for clamav (important)
openSUSE Security Update: Security update for clamav Announcement ID: openSUSE-SU-2021:0555-1 Rating: important References: 1181256 1184532 1184533 1184534 Cross-References: CVE-2021-1252 CVE-2021-1404 CVE-2021-1405 CVSS scores: CVE-2021-1252 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
SUSE-SU-2021:1189-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...