8 matches found
SUSE-SU-2026:2875-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues - CVE-2026-54059: crafted PCF font data can cause excessive memory allocation bsc1270409. - CVE-2026-54060: a font can trigger excessive allocation during conversion or saving bsc1270410. - CVE-2026-55379: bypass of decompression bomb...
OPENSUSE-SU-2026:21296-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues - CVE-2026-42311: malicious PSD file processing can lead to arbitrary code execution bsc1270404. - CVE-2026-54059: crafted PCF font data can cause excessive memory allocation bsc1270409. - CVE-2026-54060: fonts can trigger excessive memory...
EUVD-2026-41901
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
Debian DSA-1936-1 : libgd2 - several vulnerabilities
Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0455 Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker...
Mandriva Security Advisory MDVSA-2009:284-1 (gd)
The remote host is missing an update to gd announced via advisory MDVSA-2009:284-1. OpenVAS Vulnerability Test $Id: mdksa20092841.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:284-1 gd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
[SECURITY] [DSA 1936-1] New libgd2 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1936-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano November 17, 2009 http://www.debian.org/security/faq -...
GD Graphics Library '_gdGetColors()' Buffer Overflow Vulnerability - Linux
GD Graphics Library is prone to a buffer overflow vulnerability. This VT may create FP and LSC SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
DEBIAN-CVE-2009-3546
The gdGetColors function in gdgd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...