Linux Distros Unpatched Vulnerability : CVE-2016-9190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the crafted image file approach, related to an Insecure Sign Extension...

RHEL 7 : python-pillow (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...

RHEL 5 : python-pillow (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...

Amazon Linux AMI : python-imaging (ALAS-2023-1787)

It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1787 advisory. Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the crafted image file approach, related to an Insecure Sign Extension issue affecting the ImagingNew in Storage.c...

Medium: python-imaging

Issue Overview: Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component. CVE-2016-9190 Affected Packages: python-imaging Issue...

SUSE CVE-2016-9190

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...

Mageia: Security Advisory (MGASA-2016-0383)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2437)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2017-1049)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-1709)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : python-pillow (EulerOS-SA-2019-2437)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size...

EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2019-1709)

According to the version of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A vulnerability was found in python-pillow. A crafted image file with negative dimensions could cause a buffer to b...

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2019-1687)

According to the version of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A vulnerability was found in python-pillow. A crafted image file with negative dimensions could cause a buffer to be under-allocated, leading...

EulerOS 2.0 SP1 : python-pillow (EulerOS-SA-2017-1049)

According to the version of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A vulnerability was found in python-pillow. A crafted image file with negative dimensions could cause a buffer to be under-allocated, leading...

Ubuntu: Security Advisory (USN-3229-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : python-imaging vulnerabilities (USN-3229-1)

It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. CVE-2014-9601 Cris Neckar discovered that the Python...

USN-3230-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9601 Cris Neckar discovered that Pillow...

USN-3230-1 pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9601 Cris Neckar discovered that Pillow...

Updated python-pillow packages fix security vulnerabilities

It was discovered that there were a number of memory overflow issues in python-pillow, a Python image manipulation library. CVE-2016-9189 and CVE-2016-9190...

CVE-2016-9190

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...