3 matches found
CVE-2017-14038
CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability...
PT-2021-16502 · Pillow +8 · Pillow +8
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.2.0 Description: An issue was discovered in Pillow. There is an out-of-bounds read in J2kDecode, in j2ku gray i. This issue dates back to Pillow 2.4.0. Recommendations: For Pillow versions prior to 8.2.0, update to...
Pillow 安全漏洞
Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions prior to Pillow 8.2.0, which stems from the fact that for FLI data, FliDecode does not properly check whether the block advance is non-zero, and an attacker can exploit this vulnerability to...