Lucene search
+L

8 matches found

OSV
OSV
added 5 days ago3 views

SUSE-SU-2026:2875-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues - CVE-2026-54059: crafted PCF font data can cause excessive memory allocation bsc1270409. - CVE-2026-54060: a font can trigger excessive allocation during conversion or saving bsc1270410. - CVE-2026-55379: bypass of decompression bomb...

7.5CVSS6.1AI score0.00364EPSS
Exploits4References9
OSV
OSV
added 2026/07/10 9:38 a.m.3 views

OPENSUSE-SU-2026:21296-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues - CVE-2026-42311: malicious PSD file processing can lead to arbitrary code execution bsc1270404. - CVE-2026-54059: crafted PCF font data can cause excessive memory allocation bsc1270409. - CVE-2026-54060: fonts can trigger excessive memory...

8.6CVSS6.5AI score0.00364EPSS
Exploits4References10
EUVD
EUVD
added 2026/07/06 6:50 p.m.6 views

EUVD-2026-41901

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS6AI score0.00361EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.33 views

Debian DSA-1936-1 : libgd2 - several vulnerabilities

Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0455 Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker...

9.3CVSS7.4AI score0.11694EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.276 views

Mandriva Security Advisory MDVSA-2009:284-1 (gd)

The remote host is missing an update to gd announced via advisory MDVSA-2009:284-1. OpenVAS Vulnerability Test $Id: mdksa20092841.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:284-1 gd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

9.3CVSS0.9AI score0.1021EPSS
Exploits1
Debian
Debian
added 2009/11/17 8:52 p.m.51 views

[SECURITY] [DSA 1936-1] New libgd2 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1936-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano November 17, 2009 http://www.debian.org/security/faq -...

9.3CVSS8.2AI score0.11694EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/10/23 12:0 a.m.28 views

GD Graphics Library '_gdGetColors()' Buffer Overflow Vulnerability - Linux

GD Graphics Library is prone to a buffer overflow vulnerability. This VT may create FP and LSC SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS7AI score0.1021EPSS
Exploits0References4
OSV
OSV
added 2009/10/19 8:0 p.m.2 views

DEBIAN-CVE-2009-3546

The gdGetColors function in gdgd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

9.3CVSS9.4AI score0.1021EPSS
Exploits0References1
Rows per page
Query Builder