SUSE CVE-2014-3589

PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...

SUSE CVE-2016-2533

Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library PIL 1.1.7 and earlier allows remote attackers to cause a denial of service crash via a crafted PhotoCD file...

SUSE CVE-2021-34552

Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c...

Pillow denial of service via Crafted Block Size

PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...

GHSA-CFMR-38G9-F2H7 Pillow denial of service via Crafted Block Size

PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...

Mageia: Security Advisory (MGASA-2014-0159)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0343)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0476)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improper Initialization in Pillow

Pillow is the friendly PIL Python Imaging Library fork. pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

GHSA-PW3C-H7WP-CVHX Improper Initialization in Pillow

Pillow is the friendly PIL Python Imaging Library fork. pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

The vulnerability lies in the implementation of the convert() function or ImagingConvertTransparent(), which is used in the Pillow and PIL image processing libraries. This allows an attacker to cause a denial-of-service attack.

The vulnerability in the implementation of the convert function or ImagingConvertTransparent method of the Pillow and Python Imaging Library for working with images involves copying buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause...

[SECURITY] [DLA 2716-1] pillow security update

Debian LTS Advisory DLA-2716-1 [email protected] https://www.debian.org/lts/security/ Neil Williams July 22, 2021 https://wiki.debian.org/LTS Package : pillow Version : 4.0.0-4+deb9u3 CVE ID : CVE-2020-35653 CVE-2021-25290 CVE-2021-28676 CVE-2021-28677 CVE-2021-34552 Debian Bug : 991293...

Pillow: Multiple vulnerabilities

Background Python Imaging Library fork Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

DEBIAN-CVE-2021-34552

Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c...

CVE-2021-34552

Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c...

ALPINE-CVE-2021-34552

Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c...

PYSEC-2021-331

Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c...

Buffer overflow

Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c...

UBUNTU-CVE-2021-34552

Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c...