7 matches found
Scientific Linux Security Update : python-pillow on SL7.x x86_64 (20201001)
Security Fixes : - python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images CVE-2020-5313 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid141709; scriptversion"1.3";...
CentOS 7 : python-pillow (RHSA-2020:3887)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3887 advisory. - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. CVE-2020-5313 Note that Nessus has not tested for this issue but has instead relied...
Oracle Linux 8 : python-pillow (ELSA-2020-3185)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3185 advisory. - Fix for CVE-2020-5313 Resolves: rhbz1789532 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Important: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in...
RLSA-2020:3185 Important: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in...
RHEL 8 : python-pillow (RHSA-2020:3185)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3185 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
CVE-2020-5313
An out-of-bounds read was discovered in python-pillow in the way it decodes FLI images. An application that uses python-pillow to load untrusted images may be vulnerable to this flaw, which can allow an attacker to read the memory of the application they should be not allowed to read...