13 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-10378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1840)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1729)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1570)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated python-pillow packages fix security vulnerabilities
Pillow before 6.2.3 and 7.x before 7.0.1 has multiple out-of-bounds reads in libImaging/FliDecode.c CVE-2020-10177. In libImaging/PcxDecode.c in Pillow before 6.2.3 and 7.x before 7.0.1, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond...
EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2020-2266)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.CVE-2020-10177 - In libImaging/PcxDecode.c in Pillow before...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1966)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: WML CE: In Pillow before 7.1.0, there is a Buffer Overflow
Summary In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. PyTorch and TensorFlow uses Pillow. Vulnerability Details CVEID: CVE-2020-10378 DESCRIPTION: Pillow could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when readin...
Fedora: Security Advisory for python-pillow (FEDORA-2020-d0737711b6)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : python-pillow (2020-d0737711b6)
This update fixes CVE-2020-10177, CVE-2020-10994, CVE-2020-10379, CVE-2020-11538 and CVE-2020-10378. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much ...
Fedora 32 : python-pillow (2020-c52106e48a)
This update fixes CVE-2020-10177, CVE-2020-10994, CVE-2020-10379, CVE-2020-11538 and CVE-2020-10378. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much ...
CVE-2020-10378
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...
CVE-2020-10378
In Pillow, CVE-2020-10378 is an out-of-bounds read in the PCX decoding path. Specifically, in libImaging/PcxDecode.c, when reading PCX files, state->shuffle may be instructed to read beyond state->buffer, enabling an out-of-bounds access. This vulnerability is documented for Pillow releases...