Lucene search
+L

75 matches found

ubuntu
ubuntu
added 2026/03/31 12:19 a.m.10 views

USN-8135-1: Pillow vulnerabilities

It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...

9.1CVSS7.8AI score0.02876EPSS
Exploits0
nessus
nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : python-pillow-2.0.0-25.gitd1c6db8.el7 (AXSA:2024-7532:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7532:02 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...

8.1CVSS8.4AI score0.01703EPSS
Exploits0References2
nessus
nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 4: python-pillow (TSSA-2024:0593)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0593 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.8CVSS7.1AI score0.03399EPSS
Exploits0References2
virtuozzo
virtuozzo
added 2025/09/25 12:0 a.m.53 views

[Important] [Security] Vulnerability Fixes in urllib3, PyYAML, and Pillow (CVE-2018-20060, CVE-2020-1747, CVE-2020-14343, CVE-2023-50447, and CVE-2023-44271) for VzLinux 7.9

This update fixes the vulnerabilities in urllib3, PyYAML, and Pillow, which are registered as CVE-2018-20060, CVE-2020-1747, CVE-2020-14343, CVE-2023-50447, and CVE-2023-44271...

10CVSS8.1AI score0.05984EPSS
Exploits1References5
nessus
nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 2: python-pillow (TSSA-2024:0069)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0069 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.1CVSS7.7AI score0.01703EPSS
Exploits0References2
nessus
nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: python-pillow (TSSA-2024:0078)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0078 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.1CVSS7.7AI score0.01703EPSS
Exploits0References2
openvas
openvas
added 2025/02/25 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2024:0185-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.01703EPSS
Exploits0References4
nessus
nessus
added 2024/11/07 12:0 a.m.8 views

RHEL 7 : python-pillow (RHSA-2024:0857)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0857 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...

8.1CVSS7.2AI score0.01703EPSS
Exploits0References4
openvas
openvas
added 2024/10/28 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2624)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS9.8AI score0.01703EPSS
Exploits0References2
openvas
openvas
added 2024/10/28 12:0 a.m.11 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2658)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS9.8AI score0.01703EPSS
Exploits0References2
openvas
openvas
added 2024/09/23 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2488)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.01703EPSS
Exploits0References2
ibm
ibm
added 2024/08/14 9:50 a.m.31 views

Security Bulletin: Pillow versions have a Denial of Service vulnerability due to uncontrolled memory allocation in ImageFont's

Summary An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance...

8.1CVSS9.3AI score0.01703EPSS
Exploits0Affected Software1
ibm
ibm
added 2024/08/05 10:7 p.m.29 views

Security Bulletin: IBM Storage Ceph is vulnerable to Command Injection in the RHEL UBI (CVE-2023-50447)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-50447. Vulnerability Details CVEID:CVE-2023-50447 DESCRIPTION: Pillow could allow a remote attacker to execute arbitrary cod...

8.1CVSS9AI score0.01703EPSS
Exploits0Affected Software1
openvas
openvas
added 2024/07/22 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2050)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.01703EPSS
Exploits0References2
openvas
openvas
added 2024/07/19 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1991)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.4AI score0.01703EPSS
Exploits0References2
openvas
openvas
added 2024/07/19 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2009)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.4AI score0.01703EPSS
Exploits0References2
nessus
nessus
added 2024/07/18 12:0 a.m.24 views

EulerOS Virtualization 2.10.0 : python-pillow (EulerOS-SA-2024-1991)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different...

9.8CVSS7AI score0.03399EPSS
Exploits0References2
nessus
nessus
added 2024/07/18 12:0 a.m.21 views

EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2024-2009)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different...

9.8CVSS7AI score0.03399EPSS
Exploits0References2
openvas
openvas
added 2024/07/01 12:0 a.m.18 views

Debian: Security Advisory (DSA-5704-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.01703EPSS
Exploits0References2
debian
debian
added 2024/06/05 6:58 p.m.41 views

[SECURITY] [DSA 5704-1] pillow security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5704-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 05, 2024 https://www.debian.org/security/faq -...

8.1CVSS8.4AI score0.01703EPSS
Exploits0
Rows per page
Query Builder