5 matches found
pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure...
USN-8399-1 pillow vulnerabilities
It was discovered that Pillow incorrectly handled large glyph advance values in fonts. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. CVE-2026-42308 It was discovered that Pillow incorrectly handled nested coordinate lists in certain APIs. An...
Linux Distros Unpatched Vulnerability : CVE-2021-28678
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This...
Linux Distros Unpatched Vulnerability : CVE-2021-25290
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 Note that Nessus relies ...
python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions
A flaw was found in python-pillow. The vulnerability occurs due to Improper Neutralization, leading to command injection. This flaw allows an attacker to externally-influenced input commands that modify the intended command...