Astra Linux - уязвимость в pillow

The pathgetbbox function in path.c of Pillow, prior to version 9.0.0, improperly initializes ImagePath.Path...

Astra Linux - уязвимость в libgit2

A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. path.c improperly handles equivalent filenames that exist due to NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted payload into the searchpath parameter...

Memory corruption

open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PFCP packet...

CVE-2022-43222

Open5GS v2.4.11 is affected by a memory leak in src/smf/pfcp-path.c that can be exploited to cause a Denial of Service via crafted PFCP packets. The CVE entry documents a HIGH severity (CVSS 3.1 v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Connected sources corroborate the vulnerability in the mem...

RHEL 8 : python-pillow (RHSA-2022:0669)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0669 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

Improper Initialization in Pillow

Pillow is the friendly PIL Python Imaging Library fork. pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

Denial Of Service (DoS)

pillow is vulnerable to denial of service. The pathgetbbox in path.c does not properly initialize the coordinates for zero values, allowing an attacker to cause an application crash through the ImagePath.Path...

PYSEC-2022-8

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

CVE-2022-22816

pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path...

CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

CVE-2020-12278

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

Remote code execution

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

CVE-2020-12278

Libgit2 contains CVE-2020-12278: path.c mishandles equivalent filenames created via NTFS Alternate Data Streams, enabling remote code execution when cloning a repository. Affected versions are libgit2 < 0.28.4 and 0.9x

CVE-2020-12278

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...