Lucene search
K

39 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.24 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-057)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-057 advisory. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacke...

9.8CVSS7.1AI score0.03399EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/01/30 12:0 a.m.38 views

EulerOS Virtualization 3.0.2.2 : python-pillow (EulerOS-SA-2023-1288)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb...

9.8CVSS7.3AI score0.03399EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2022/10/09 12:0 a.m.33 views

EulerOS Virtualization 3.0.6.6 : python-pillow (EulerOS-SA-2022-2532)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c ...

9.8CVSS7.2AI score0.03399EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/07/14 12:0 a.m.36 views

EulerOS Virtualization 2.10.0 : python-pillow (EulerOS-SA-2022-2037)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c ...

9.8CVSS7.2AI score0.03399EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/05/25 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1760)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.03399EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/07 12:0 a.m.36 views

EulerOS Virtualization 3.0.2.0 : python-pillow (EulerOS-SA-2022-1690)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c ...

9.8CVSS7.2AI score0.03399EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/04/27 12:0 a.m.84 views

Amazon Linux 2 : python-pillow, --advisory ALAS2-2022-1786 (ALAS-2022-1786)

The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1786 advisory. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image path...

9.8CVSS7.1AI score0.03399EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/04/25 12:0 a.m.36 views

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2022-1549)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c in Pillow befor...

9.8CVSS7.3AI score0.03399EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/04/20 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1436)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.03399EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/04/18 12:0 a.m.39 views

EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2022-1436)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c in Pillow befor...

9.8CVSS7.3AI score0.03399EPSS
Exploits0References4
Cent OS
Cent OS
added 2022/02/25 3:38 p.m.273 views

python security update

CentOS Errata and Security Advisory CESA-2022:0609 An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.8CVSS6.9AI score0.03399EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/02/24 12:0 a.m.32 views

RHEL 8 : python-pillow (RHSA-2022:0667)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0667 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

9.8CVSS7.4AI score0.03399EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/02/24 12:0 a.m.28 views

RHEL 8 : python-pillow (RHSA-2022:0665)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0665 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

9.8CVSS7.4AI score0.03399EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/02/24 12:0 a.m.31 views

RHEL 8 : python-pillow (RHSA-2022:0669)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0669 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

9.8CVSS7.4AI score0.03399EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2022/02/22 5:25 p.m.45 views

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...

9.8CVSS8.5AI score0.03399EPSS
Exploits0
Redos
Redos
added 2022/02/01 12:0 a.m.59 views

ROS-20220128-02

A vulnerability in the Python Pillow image library is related to buffer re-reading during the ImagePath.Path initialization in the pathgetbbox function in path.c. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted file to a vulnerable library and...

9.8CVSS8.7AI score0.03399EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/01/23 12:0 a.m.44 views

Debian DLA-2893-1 : pillow - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2893 advisory. - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c in Pillow before 9.0.0 has a buffer...

9.8CVSS7.4AI score0.03399EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2022/01/17 12:0 a.m.41 views

Ubuntu 16.04 ESM : Pillow vulnerabilities (USN-5227-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5227-2 advisory. USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

9.8CVSS6.9AI score0.03399EPSS
Exploits1References6
CNVD
CNVD
added 2022/01/14 12:0 a.m.32 views

Pillow input validation error vulnerability

Pillow is a Python-based image processing library. Pillow is vulnerable to an input validation error prior to 9.0.0, which stems from a networked system or product that does not properly validate input data. An attacker could exploit this vulnerability to execute arbitrary expressions using the...

9.8CVSS4.8AI score0.03399EPSS
Exploits0References1
Rows per page
Query Builder