7 matches found
EUVD-2026-41901
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
Important: python-pillow
Issue Overview: Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter. CVE-2023-50447 Affected Packages: python-pillow Note: This advisory is applicable to Amaz...
The vulnerability of the Convert.c component in the Pillow image processing library, related to buffer overflow in memory, allows an attacker to access confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the Convert.c component in the Pillow image processing library relates to the ability to pass parameters directly to the function. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failur...
CVE-2021-28676
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load...
Pillow 缓冲区错误漏洞
Python Imaging Library PIL is a free library for the Python programming language that supports opening, manipulating, and saving a wide range of image file formats.Pillow is a PIL branch. An out-of-bounds read vulnerability exists in the j2kugrayi function in J2kDecode in versions of Pillow prior...
The vulnerability of the Pillow image processing library, related to unlimited resource distribution, allows a hacker to cause a service failure.
The vulnerability of the Pillow image processing library is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by creating specially crafted image files...
The vulnerability of the _open_index function in the FpxImagePlugin.py library, a library for working with images from Pillow, related to integer overflow, allows a hacker to cause a service failure.
The vulnerability of the openindex function in the FpxImagePlugin.py library, a library for working with images, relates to a lack of mechanisms for controlling resource consumption. Exploiting this vulnerability allows an attacker who operates remotely to cause service interruptions...