26 matches found
Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2026-1712)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1712 advisory. Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceedingly large amount, when Pillow keeps track of the current position, it may lead to an...
USN-8135-1: Pillow vulnerabilities
It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...
USN-8135-1 pillow vulnerabilities
It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Pillow vulnerabilities (USN-8135-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8135-1 advisory. It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerabilit...
MiracleLinux 8 : python-pillow-5.1.1-10.el8 (AXSA:2020-206:02)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-206:02 advisory. python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c CVE-2020-5311 python-pillow: improperly restricted operations on memory...
TencentOS Server 4: python-pillow (TSSA-2024:0923)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0923 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0012: python-pillow (ALINUX3-SA-2022:0012)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0012 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-16865: An issue was discovered in...
USN-6618-1 pillow vulnerabilities
It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2023-44271 Duarte Santos discovered...
Important: python-pillow
Issue Overview: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries...
Ubuntu 20.04 LTS / 22.04 LTS : Pillow vulnerabilities (USN-5777-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5777-1 advisory. It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An...
USN-5227-2: Pillow vulnerabilities
USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...
USN-5227-2 pillow vulnerabilities
USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...
USN-5227-1 pillow vulnerabilities
It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. CVE-2021-23437 It was discovered that Pillow incorrectly handled...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Pillow vulnerabilities (USN-4763-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4763-1 advisory. It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into openi...
USN-4697-1 pillow vulnerabilities
It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. CVE-2020-35653 It was discovered that Pillow...
MGASA-2020-0434 Updated python-pillow packages fix security vulnerabilities
Pillow before 6.2.3 and 7.x before 7.0.1 has multiple out-of-bounds reads in libImaging/FliDecode.c CVE-2020-10177. In libImaging/PcxDecode.c in Pillow before 6.2.3 and 7.x before 7.0.1, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond...
Ubuntu 20.04 LTS : Pillow vulnerabilities (USN-4430-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4430-2 advisory. USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Tenable has extracted the preceding...
USN-4430-2 pillow vulnerabilities
USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file...
USN-4430-2: Pillow vulnerabilities
USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file...
Ubuntu 16.04 LTS / 18.04 LTS : Pillow vulnerabilities (USN-4430-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4430-1 advisory. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...