Pillow Denial of Service Vulnerability (CNVD-2021-54032)

Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions prior to Pillow 8.2.0, which stems from the fact that for FLI data, FliDecode does not properly check whether the block advance is non-zero, and an attacker can exploit this vulnerability to...

Pillow Denial of Service Vulnerability (CNVD-2021-54030)

Pillow is a Python-based image processing library. A denial of service vulnerability exists in versions of Pillow prior to 8.2.0, which stems from the fact that PSDImagePlugin.PsdImageFile does not properly check the number of input layers based on data block size, and can be exploited by attacke...

Accusoft ImageGear Heap Buffer Overflow Vulnerability

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, U.S.A. A security vulnerability exists in Accusoft ImageGear, which could be exploited by an attacker to cause an integer overflow, and thus a heap buffer overflow, via a misformatted file that is constructed...

Pillow Denial of Service Vulnerability (CNVD-2021-54029)

Pillow is a Python-based image processing library. A denial of service vulnerability exists in versions of Pillow prior to 8.2.0. The vulnerability stems from the fact that for BLP data, the BlpImagePlugin does not properly check the data returned by the read, and an attacker could exploit this...

CVE-2021-22335

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

CVE-2021-22335

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

Buffer overflow

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

CVE-2021-22335

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-6.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

华为智能手机缓冲区错误漏洞

Huawei Emui is a mobile operating system based on Android development.Huawei Magic UI is the operating system for Honor phones. A heap overflow vulnerability exists in Huawei EMUI/Magic UI, which can be exploited by an attacker to cause an anomaly in image processing...

Fedora: Security Advisory for python-pillow (FEDORA-2021-aa5d2e2289)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Pillow Out-of-Bounds Read Vulnerability (CNVD-2021-43528)

Python Imaging Library PIL is a free library for the Python programming language that supports opening, manipulating, and saving a wide range of image file formats.Pillow is a PIL branch. An out-of-bounds read vulnerability exists in the j2kugrayala function in J2kDecode in versions of Pillow pri...

USN-4971-1: libwebp vulnerabilities

It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary co...

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-3.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Updated openjpeg2 packages fix a security vulnerability

There is a flaw in the opj2compress program in openjpeg2. An attacker who is able to submit a large number of image files to be processed in a directory by opj2compress, could trigger a heap out-of-bounds write due to an integer overflow, which is caused by the large number of image files. The...

openSUSE Security Update : jhead (openSUSE-2021-743)

This update for jhead fixes the following issues : jhead was updated to 3.06.0.1 - lot of fuzztest fixes - Apply a whole bunch of patches from Debian. - Spell check and fuzz test stuff from Debian, nothing useful to human users. - Add option to set exif date from date from another file. - Bug fix...

Freeimage Parses Inventory in Integer Overflow Vulnerability

freeimage is a free , open source , cross-platform Windows, Linux and Mac OS X , supports more than 20 types of images such as BMP, JPEG, GIF, PNG, TIFF , etc. image processing library . The Freeimage parsing library suffers from an integer overflow vulnerability, which can be exploited by...

[SECURITY] Fedora 34 Update: gmic-2.9.7-1.fc34

G'MIC is an open and full-featured framework for image processing, providing several different user interfaces to convert/manipulate/filter/visualize generic image datasets, from 1d scalar signals to 3d+t sequences of multi-spectral volumetric images...

[SECURITY] Fedora 34 Update: CImg-2.9.7-1.fc34

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

PT-2021-4732 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.3 iOS versions prior to 14.5 iPadOS versions prior to 14.5 watchOS versions prior to 7.4 tvOS versions prior to 14.5 Description: The issue is related to a buffer out-of-bounds read in memory, which can be exploited...