Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2014-3007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python Image Library PIL 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified...

10CVSS8.2AI score0.12055EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 7 : python-pillow (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...

7.8CVSS7.3AI score0.12055EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 5 : python-pillow (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...

7.8CVSS7.2AI score0.12055EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2023/10/05 12:0 a.m.97 views

Amazon Linux 2 : python-pillow (ALAS-2023-2286)

The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2286 advisory. The 1 loaddjpeg function in JpegImagePlugin.py, 2 Ghostscript function in EpsImagePlugin.py, 3 load...

10CVSS8.3AI score0.12055EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2014-0476)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.6AI score0.12055EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/04/30 12:0 a.m.282 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1532)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.12055EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2437)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.9AI score0.12055EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2701)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.3AI score0.12055EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.35 views

EulerOS 2.0 SP2 : python-pillow (EulerOS-SA-2019-2437)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size...

10CVSS7AI score0.12055EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2014/11/24 12:0 a.m.29 views

Fedora 20 : python-pillow-2.2.1-7.fc20 (2014-14883)

Security fix for CVE-2014-3007, updated fix for CVE-2014-1932. Followup fix for CVE-2014-1933. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...

10CVSS8AI score0.12055EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2014/11/23 12:0 a.m.29 views

Fedora Update for python-pillow FEDORA-2014-14980

Check the version of python-pillow SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868509";...

10CVSS7.2AI score0.12055EPSS
Exploits2References2
Mageia
Mageia
added 2014/11/21 12:44 p.m.42 views

Updated python-imaging and python-pillow packages fix security vulnerability

Python Image Library PIL 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters, due to an incomplete fix for CVE-2014-1932 CVE-2014-3007...

10CVSS9.4AI score0.12055EPSS
Exploits0References3
CVE
CVE
added 2014/04/27 8:0 p.m.80 views

CVE-2014-3007

The CVE-2014-3007 entry concerns Python Imaging Library (PIL) 1.1.7 and earlier and Pillow 2.3, where command injection could occur via shell metacharacters. Description states vulnerable components include PIL/Pillow-related code and mentions CVE-2014-1932 with possible involvement of JpegImageP...

10CVSS7.8AI score0.12055EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder