Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/06/23 6:47 p.m.6 views

pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image

A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure...

8.6CVSS7.2AI score0.00367EPSS
Exploits1References6
OSV
OSV
added 2026/06/08 12:43 p.m.9 views

USN-8399-1 pillow vulnerabilities

It was discovered that Pillow incorrectly handled large glyph advance values in fonts. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. CVE-2026-42308 It was discovered that Pillow incorrectly handled nested coordinate lists in certain APIs. An...

8.6CVSS7.6AI score0.0015EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-28678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This...

5.5CVSS6.3AI score0.00732EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2021-25290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 Note that Nessus relies ...

7.5CVSS6.8AI score0.02372EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/02/24 9:55 a.m.7 views

python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions

A flaw was found in python-pillow. The vulnerability occurs due to Improper Neutralization, leading to command injection. This flaw allows an attacker to externally-influenced input commands that modify the intended command...

9.8CVSS5.8AI score0.03399EPSS
Exploits0References5
Rows per page
Query Builder