2179 matches found

GitHub Security Blog
added 2021/11/10 7:33 p.m., 42 views

Overflow/crash in `tf.image.resize` when size is large

Impact: If `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. Python: `import tensorflow as tf; import numpy as np; tf.keras.layers.UpSampling2D(size=1610637938, data_format='channels_first',...`

CVSS: 5.5, AI score: 2.1, EPSS: 0.00049
Exploits: 1, References: 8, Affected Software: 3

RedHat Linux
added 2021/11/09 5:42 p.m., 50 views

Moderate: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS: 9.8, AI score: 6.8, EPSS: 0.00425
Exploits: 1, References: 17

OSV
added 2021/11/09 8:24 a.m., 27 views

RLSA-2021:4149 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader (CVE-2021-25287); python-pillow:...

CVSS: 9.1, AI score: 7.4, EPSS: 0.00425
Exploits: 1, References: 16

AlmaLinux
added 2021/11/09 8:24 a.m., 42 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader (CVE-2021-25287); python-pillow:...

CVSS: 9.8, AI score: 7.5, EPSS: 0.00425
Exploits: 1, References: 15

Rockylinux
added 2021/11/09 8:24 a.m., 41 views

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The python-pillow packages contain a Python image processing library th...

CVSS: 9.8, AI score: 7.9, EPSS: 0.00425
Exploits: 1

CVE
added 2021/11/04 11:14 p.m., 61 views

CVE-2021-39907

CVE-2021-39907 affects GitLab CE/EE starting with version 13.7. The issue arises from stripping EXIF data from certain images, which can cause high CPU usage and potential denial of service. The connected documents corroborate the baseline description across multiple sources (GitLab CVE entry, OS...

CVSS: 5.3, AI score: 5, EPSS: 0.00248
Exploits: 0, References: 3, Affected Software: 1

Debian CVE
added 2021/11/04 11:14 p.m., 13 views

CVE-2021-39907

Removed by vendor...

CVSS: 5.3, AI score: 6, EPSS: 0.00248
Exploits: 0

Positive Technologies
added 2021/11/04 12:0 a.m., 1 views

PT-2021-22754 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 and later
Description: A potential DOS issue was discovered in GitLab CE/EE. The stripping of EXIF data from certain images resulted in high CPU usage.
Recommendations: For GitLab CE/EE versions 13.7 and later,...

CVSS: 5.3, AI score: 4.8, EPSS: 0.00248
Exploits: 0, References: 12

CNVD
added 2021/11/03 12:0 a.m., 12 views

Image-Processing Resource Management Error Vulnerability

Image-Processing is an image processing code repository that uses C. abhijitnathwani image-processing v0.1.0 contains a security vulnerability that stems from a problem with how the software handles image file sizes, which could be exploited by an attacker to cause a denial of service via a craft...

CVSS: 5.5, AI score: 2.7, EPSS: 0.0015
Exploits: 0, References: 1

OSV
added 2021/11/02 6:15 p.m., 1 views

CVE-2020-21573

An issue was discovered in abhijitnathwani image-processing v0.1.0, allows local attackers to cause a denial of service via a crafted image file...

CVSS: 5.5, AI score: 5.8
Exploits: 0, References: 1

NVD
added 2021/11/02 6:15 p.m., 7 views

CVE-2020-21573

An issue was discovered in abhijitnathwani image-processing v0.1.0, allows local attackers to cause a denial of service via a crafted image file...

CVSS: 5.5, EPSS: 0.0015
Exploits: 0, References: 1

Prion
added 2021/11/02 6:15 p.m., 13 views

Design/Logic Flaw

An issue was discovered in abhijitnathwani image-processing v0.1.0, allows local attackers to cause a denial of service via a crafted image file...

CVSS: 4.3, AI score: 5.2, EPSS: 0.0015
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2021/11/02 5:45 p.m., 35 views

CVE-2020-21573

CVE-2020-21573 affects the project abhijitnathwani image-processing v0.1.0. Multiple connected records describe a vulnerability in how the software handles image file sizes, enabling a local attacker to cause a denial of service via a crafted image file. The root cause is stated broadly as a proc...

CVSS: 5.5, AI score: 5.1, EPSS: 0.0015
Exploits: 0, References: 1, Affected Software: 1

CNNVD
added 2021/11/02 12:0 a.m., 3 views

Image-Processing Resource Management Error Vulnerability

Image-Processing is an image processing code repository that uses C. abhijitnathwani image-processing v0.1.0 contains a security vulnerability that stems from a problem with how the software handles image file sizes, which could be exploited by an attacker to cause a denial of service via a craft...

CVSS: 5.5, AI score: 5.7, EPSS: 0.0015
Exploits: 0, References: 1

NVD
added 2021/11/01 1:15 p.m., 11 views

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels), when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

CVSS: 5.5, EPSS: 0.00043
Exploits: 1, References: 2

OSV
added 2021/11/01 1:15 p.m., 14 views

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels), when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

CVSS: 5.5, AI score: 7.1
Exploits: 0, References: 2

Prion
added 2021/11/01 1:15 p.m., 19 views

Design/Logic Flaw

For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels), when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

CVSS: 2.1, AI score: 5.6, EPSS: 0.00043
Exploits: 1, References: 2, Affected Software: 1

NVD
added 2021/10/28 7:15 p.m., 14 views

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution...

CVSS: 7.8, EPSS: 0.00634
Exploits: 0, References: 5

ATTACKERKB
added 2021/10/28 7:15 p.m., 1 views

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution...

CVSS: 7.8, AI score: 5.9, EPSS: 0.00634
Exploits: 0, References: 6

Cvelist
added 2021/10/28 6:17 p.m., 19 views

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution...

AI score: 8.3, EPSS: 0.00634
Exploits: 0, References: 5