32 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-017471)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017471 advisory. The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function. Tenable has extracted the preceding...
Astra Linux - уязвимость в libsdl1.2, libsdl2
In SDLGetRGB in the video/SDLpixels.c file, there is a heap-based buffer over-read issue in versions from 1.2.15 up to 2.x, and from 2.0.9 onwards...
Astra Linux - уязвимость в pillow
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
EUVD-2021-0170
Malware in sbrugna...
SUSE CVE-2019-7636
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDLGetRGB in video/SDLpixels.c...
SUSE CVE-2021-23437
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
EulerOS 2.0 SP3 : python-pillow (EulerOS-SA-2022-1184)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2021-2670)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2694)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2641)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-2641)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
Regular Expression Denial Of Service (ReDoS)
py3-pillow is vulnerable to regular expression denial of service. An attacker is able to crash the system through the getrgb function...
OESA-2021-1383 python-pillow security update
Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. Security Fixes: The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of...
Uncontrolled Resource Consumption in pillow
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
GHSA-98VV-PW6R-Q6Q4 Uncontrolled Resource Consumption in pillow
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
ALPINE-CVE-2021-23437
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
CVE-2021-23437
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
DEBIAN-CVE-2021-23437
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
CVE-2021-23437
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
Design/Logic Flaw
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...