39 matches found
Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-057)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-057 advisory. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacke...
EulerOS Virtualization 3.0.2.2 : python-pillow (EulerOS-SA-2023-1288)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb...
EulerOS Virtualization 3.0.6.6 : python-pillow (EulerOS-SA-2022-2532)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c ...
EulerOS Virtualization 2.10.0 : python-pillow (EulerOS-SA-2022-2037)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c ...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1760)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.0 : python-pillow (EulerOS-SA-2022-1690)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c ...
Amazon Linux 2 : python-pillow, --advisory ALAS2-2022-1786 (ALAS-2022-1786)
The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1786 advisory. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image path...
EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2022-1549)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c in Pillow befor...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1436)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2022-1436)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c in Pillow befor...
python security update
CentOS Errata and Security Advisory CESA-2022:0609 An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
RHEL 8 : python-pillow (RHSA-2022:0667)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0667 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
RHEL 8 : python-pillow (RHSA-2022:0665)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0665 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
RHEL 8 : python-pillow (RHSA-2022:0669)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0669 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
python-pillow security update
An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...
ROS-20220128-02
A vulnerability in the Python Pillow image library is related to buffer re-reading during the ImagePath.Path initialization in the pathgetbbox function in path.c. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted file to a vulnerable library and...
Debian DLA-2893-1 : pillow - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2893 advisory. - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c in Pillow before 9.0.0 has a buffer...
Ubuntu 16.04 ESM : Pillow vulnerabilities (USN-5227-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5227-2 advisory. USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
Pillow input validation error vulnerability
Pillow is a Python-based image processing library. Pillow is vulnerable to an input validation error prior to 9.0.0, which stems from a networked system or product that does not properly validate input data. An attacker could exploit this vulnerability to execute arbitrary expressions using the...