RHEL 6 : python-pillow (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...

Denial Of Service (DoS)

pillow is vulnerable to denial of service. Lack of validation and checks for the validity of return data when jumping to file offsets in the EpsImagePlugin results in a denial-of-service condition...

CVE-2014-1933

The 1 JpegImagePlugin.py and 2 EpsImagePlugin.py scripts in Python Image Library PIL 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes...

CVE-2014-1932

The 1 loaddjpeg function in JpegImagePlugin.py, 2 Ghostscript function in EpsImagePlugin.py, 3 load function in IptcImagePlugin.py, and 4 copy function in Image.py in Python Image Library PIL 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users...