Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Nova vulnerability (USN-6884-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6884-1 advisory. Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image processing. An authenticated user could use this issue to...

Moderate: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ALSA-2024:4227 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: buffer overflow in imagingcms.c CVE-2024-28219 For more details about...

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: buffer overflow in imagingcms.c CVE-2024-28219 For more details about...

GeoServer JAI-EXT extension command injection

Added: 06/27/2024 Background GeoServer is an open source server for sharing geospatial data. Java Advanced Imaging JAI is an API which provides a set of high level objects for the image processing. JAI-EXT is an open source project which extends the JAI API. Jiffle is a map algebra language...

BlackBerry QNX SDP Input Validation Error Vulnerability

BlackBerry QNX SDP is a software development platform from BlackBerry Canada BlackBerry. An input validation error vulnerability exists in BlackBerry QNX SDP versions 6.6, 7.0, and 7.1, which stems from the presence of an incorrect input validation vulnerability that could allow an attacker to...

CVE-2024-27836

The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, iOS 17.5 and iPadOS 17.5. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2024-27836

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2024-27836

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

RHEL 8 : python-pillow (RHSA-2024:3005)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3005 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...

Moderate: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...

ALSA-2024:3005 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...

SUSE CVE-2023-52682

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fsgc -...

RHEL 6 : python-pillow (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow: Missing check for negative image dimensions in ImagingNew Storage.c CVE-2016-9190 - Buffer...

GLSA-202405-02 : ImageMagick: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202405-02 ImageMagick: Multiple Vulnerabilities - A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system...

SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value

Impact A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. This flaw can b...

[SECURITY] Fedora 39 Update: python-pillow-10.3.0-1.fc39

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

Fedora: Security Advisory (FEDORA-2024-a966a6485e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: imagej-1.54i-1.fc40

ImageJ is a public domain Java image processing program. It can display, edit, analyze a wide variety of image data, including image sequences. Imagej can be used for quantitative analysis of engineering and scientific image data...