22 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-0775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service crash via...
Medium: python-pillow
Issue Overview: Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service crash via a crafted FLI file. CVE-2016-0775 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 A...
Medium: python-pillow
Issue Overview: Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service crash via a crafted FLI file. CVE-2016-0775 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 A...
Debian: Security Advisory (DLA-422-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2020-1244)
According to the versions of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A memory disclosure vulnerability was found in python-pillow. Functions in map.c failed to check for image...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2226)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2437)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : python-pillow (EulerOS-SA-2019-2437)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size...
Ubuntu: Security Advisory (USN-3080-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3090-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Pillow vulnerabilities (USN-3090-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3090-1 advisory. It was discovered that a flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed,...
Ubuntu 12.04 LTS : python-imaging vulnerabilities (USN-3080-1)
Eric Soroos discovered that the Python Imaging Library incorrectly handled certain malformed FLI or PhotoCD files. A remote attacker could use this issue to cause Python Imaging Library to crash, resulting in a denial of service. CVE-2016-0775, CVE-2016-2533 Andrew Drake discovered that the Pytho...
USN-3080-1: Python Imaging Library vulnerabilities
Eric Soroos discovered that the Python Imaging Library incorrectly handled certain malformed FLI or PhotoCD files. A remote attacker could use this issue to cause Python Imaging Library to crash, resulting in a denial of service. CVE-2016-0775, CVE-2016-2533 Andrew Drake discovered that the Pytho...
CVE-2016-0775
Pillow (Python Imaging Library fork) contains a buffer overflow in ImagingFliDecode (libImaging/FliDecode.c) that affects versions before 3.1.1. A crafted FLI file can crash the process (DoS) or, per some sources, enable arbitrary code execution in affected contexts. The issue is documented acros...
openSUSE Security Update : python-Pillow (openSUSE-2016-339)
This update for python-Pillow fixes the following issues : - backport security fixes from 3.1.1 Pillow-overflows.patch : - Fixed an integer overflow in Resample.c causing writes in the Python heap. - Fixed a buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files. CVE-2016-TB...
Fedora 22 : python-pillow-2.8.2-4.fc22 (2016-4d00dca15a)
This update fixes the python3-pillow package description. ---- This update fixes for security vulnerabilities, including CVE-2016-0775, CVE-2016-0740. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...
Fedora 23 : python-pillow-3.0.0-2.fc23 (2016-4b06195979)
This update fixes for security vulnerabilities, including CVE-2016-0775, CVE-2016-0740. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
[SECURITY] [DSA 3499-1] pillow security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3499-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 422-1] python-imaging security update
Package : python-imaging Version : 1.1.7-2+deb6u2 CVE ID : CVE-2016-0775 Debian Bug : 813909 Two buffer overflows were discovered in python-imaging, a Python library for loading and manipulating image files, which may lead to the execution of arbitrary code. CVE-2016-0775 Buffer overflow in...
DLA-422-1 python-imaging - security update
Bulletin has no description...