Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2279)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-7.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

[SECURITY] Fedora 33 Update: python2-pillow-6.2.2-6.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. This is a minimal compatibility package for https://pagure.io/fesco/issue/2266...

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-4.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

Fedora: Security Advisory for python2-pillow (FEDORA-2021-bf01a738f3)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Leptonica: Multiple vulnerabilities

Background Leptonica is a C library for image processing and analysis. Description Multiple vulnerabilities have been discovered in Leptonica. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

Adobe Photoshop Incorrect Input Validation Vulnerability

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. A security vulnerability exists in Adobe Photoshop. An attacker can exploit this vulnerability to read arbitrary files on the system...

Google Chrome image processing security bypass vulnerability

Google Chrome is a web browser from the US company Google. A security vulnerability exists in image processing in Windows in versions prior to Google Chrome 92.0.4515.107. An attacker could exploit this vulnerability to bypass security restrictions...

Apple iOS和Apple iPadOS 资源管理错误漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple iOS 14.7 and iPadOS 14.7 are vulnerable to a resource management error. A resource management error vulnerability exists in...

Google Chrome 安全漏洞

Google Chrome is a web browser from the US company Google. A security vulnerability exists in image processing in Windows in versions prior to Google Chrome 92.0.4515.107. An attacker could exploit this vulnerability to bypass security restrictions...

JasPer numeric error vulnerability

JasPer is a C-based tool for image processing from Michael Adams' personal developer. The software supports the JPEG-2000 format as defined in ISO / IEC 15444-1 and is primarily used for image encoding and processing. A divide by zero vulnerability exists. No detailed vulnerability details are...

Libvips numeric error vulnerability

libvips is an open source 2D image processing library. libvips version 8.10.5 is vulnerable due to a dezero vulnerability in function "vipseyepoint, eye.cL83" and function "vipsmaskpoint, mask.cL85". No detailed vulnerability details are available at this time...

JasPer 数字错误漏洞

JasPer is a C-based tool for image processing from Michael Adams' personal developer. The software supports the JPEG-2000 format as defined in ISO / IEC 15444-1 and is primarily used for image encoding and processing. A divide by zero vulnerability exists. No detailed vulnerability details are...

Pillow Buffer Overflow Vulnerability (CNVD-2021-54028)

Pillow is a Python-based image processing library. A buffer overflow vulnerability exists in Pillow, which stems from the failure of the product's convert.c to validate the security of parameters, and could be exploited to trigger a denial of service or remote code execution by triggering a buffe...

Imagegear suffers from a denial of service vulnerability (CNVD-2021-50961)

ImageGear is a graphic image processing software with scanning, compression, viewing, printing, adding annotations, image editing and other features that enable developers to quickly develop image processing programs. Imagegear suffers from a denial of service vulnerability that can be exploited ...

Ricoh (China) Unauthorized Access Vulnerability in Various Products of Ricoh (China) Investment Co.

Ricoh China Investment Co., Ltd. provides services and solutions such as document output management services and IT solutions such as office image processing equipment e.g., MFPs, printers, etc., production digital printers, and more. An unauthorized access vulnerability exists in various Ricoh...

Accusoft ImageGear Memory Corruption Vulnerability

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, U.S. A memory corruption vulnerability exists in the PNG pngpaletteprocess function in Accusoft ImageGear version 19.9. An attacker can exploit the vulnerability to cause a heap buffer overflow via specially...

Accusoft ImageGear buffer overflow vulnerability (CNVD-2021-40854)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. ImageGear 19.9 suffers from a buffer overflow vulnerability that stems from the fact that an attacker can exploit the vulnerability by being able to supply a malicious file to trigger the vulnerability. ...

Huawei EMUI/Magic UI Heap Overflow Vulnerability

Huawei Emui is a mobile operating system based on Android development.Huawei Magic UI is the operating system for Honor phones. A heap overflow vulnerability exists in Huawei EMUI/Magic UI, which can be exploited by an attacker to cause an anomaly in image processing...

Pillow Denial of Service Vulnerability (CNVD-2021-54031)

Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions of Pillow prior to 8.2.0, which can be exploited by attackers with malicious EPS files to cause a denial of service...