31 matches found
Astra Linux - уязвимость в pillow
Pillow through 10.1.0 allows for arbitrary code execution via the environment parameter. This is a different vulnerability than CVE-2022-22817, which involved the expression parameter...
MiracleLinux 8 : python-pillow-5.1.1-18.el8_9.1.ML.1 (AXSA:2024-7539:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7539:03 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : python-pillow-2.0.0-25.gitd1c6db8.el7 (AXSA:2024-7532:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7532:02 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...
Linux Distros Unpatched Vulnerability : CVE-2023-50447
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was...
TencentOS Server 3: python-pillow (TSSA-2024:0078)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0078 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
pillow: Arbitrary Code Execution via the environment parameter
A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...
EulerOS Virtualization 2.11.1 : python-pillow (EulerOS-SA-2024-1617)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1600)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : python-pillow (EulerOS-SA-2024-1225)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...
openSUSE Security Advisory (SUSE-SU-2024:0205-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
pillow: Arbitrary Code Execution via the environment parameter
A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...
pillow: Arbitrary Code Execution via the environment parameter
A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...
pillow: Arbitrary Code Execution via the environment parameter
A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...
pillow: Arbitrary Code Execution via the environment parameter
A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...
pillow: Arbitrary Code Execution via the environment parameter
A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...
RHEL 8 : python-pillow (RHSA-2024:0754)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0754 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...
pillow: Arbitrary Code Execution via the environment parameter
A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...
Important: python-pillow
Issue Overview: Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter. CVE-2023-50447 Affected Packages: python-pillow Issue Correction: Run dnf update...
Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2024-512)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-512 advisory. Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter...
Important: python-pillow
Issue Overview: Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter. CVE-2023-50447 Affected Packages: python-pillow Note: This advisory is applicable to Amaz...