
13 matches found

Positive Technologies
added 2026/06/01 12:0 a.m. | 12 views

PT-2026-45559

Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate image function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplet...

8.7 CVSS | 5.9 AI score | 0.00417 EPSS
Exploits: 0 | References: 5
Cvelist
added 2026/03/11 10:2 p.m. | 29 views

CVE-2026-3961 zyddnys manga-image-translator Translate Endpoints request_extraction.py to_pil_image server-side request forgery

A vulnerability was determined in zyddnys manga-image-translator up to beta-0.3. The affected element is the function to_pil_image of the file manga-image-translator-main/server/request_extraction.py of the component Translate Endpoints. This manipulation causes server-side request forgery. It is...

6.5 CVSS | 0.00251 EPSS
Exploits: 0 | References: 12
RedHat Linux
added 2024/07/02 3:26 p.m. | 357 views

Moderate: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

6.7 CVSS | 6.8 AI score | 0.00989 EPSS
Exploits: 0 | References: 2
Amazon
added 2024/02/05 12:0 a.m. | 42 views

Important: python-pillow

Issue Overview: Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter. CVE-2023-50447 Affected Packages: python-pillow Note: This advisory is applicable to Amaz...

9.8 CVSS | 9.2 AI score | 0.03399 EPSS
Exploits: 0
BDU FSTEC
added 2022/04/27 12:0 a.m. | 2 views

The vulnerability of the Pillow image processing library, caused by overflow in the dynamic memory buffer, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Pillow image processing library arises from an overflow in the buffer of dynamic memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality and integrity of the protected information...

10 CVSS | 7.1 AI score | 0.02281 EPSS
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2021/10/27 12:0 a.m. | 2 views

The vulnerability of the Convert.c component in the Pillow image processing library, related to buffer overflow in memory, allows an attacker to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the Convert.c component in the Pillow image processing library relates to the ability to pass parameters directly to the function. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failur...

10 CVSS | 6.9 AI score | 0.0325 EPSS
Exploits: 1 | References: 12 | Affected Software: 4
AlpineLinux
added 2021/06/02 12:0 a.m. | 36 views

CVE-2021-28676

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load...

7.5 CVSS | 8.4 AI score | 0.02521 EPSS
Exploits: 0
CNNVD
added 2021/04/13 12:0 a.m. | 2 views

Pillow buffer error vulnerability

Python Imaging Library (PIL) is a free library for the Python programming language that supports opening, manipulating, and saving a wide range of image file formats. Pillow is a PIL branch. An out-of-bounds read vulnerability exists in the j2ku_gray_i function in J2kDecode in versions of Pillow prior...

9.1 CVSS | 5.5 AI score | 0.02408 EPSS
Exploits: 0 | References: 11
Debian CVE
added 2021/03/03 8:41 a.m. | 23 views

CVE-2021-27923

Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large...

7.5 CVSS | 7.5 AI score | 0.03071 EPSS
Exploits: 0
BDU FSTEC
added 2020/12/22 12:0 a.m. | 1 views

The vulnerability of the PCX P library for image processing in Pillow allows a hacker to trigger a service failure.

The vulnerability of the PCX P library for image processing in Pillow relates to the issue of the operation exceeding the buffer boundaries in memory during the encoding of PCX images. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

9.8 CVSS | 6.7 AI score | 0.0362 EPSS
Exploits: 0 | References: 14 | Affected Software: 6
BDU FSTEC
added 2020/12/22 12:0 a.m. | 1 views

The vulnerability of the Pillow image processing library, related to unlimited resource distribution, allows a hacker to cause a service failure.

The vulnerability of the Pillow image processing library is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by creating specially crafted image files...

7.8 CVSS | 6.4 AI score | 0.03154 EPSS
Exploits: 0 | References: 6 | Affected Software: 5
BDU FSTEC
added 2020/12/22 12:0 a.m. | 2 views

The vulnerability of the _open_index function in the FpxImagePlugin.py library, a library for working with images from Pillow, related to integer overflow, allows a hacker to cause a service failure.

The vulnerability of the _open_index function in the FpxImagePlugin.py library, a library for working with images, relates to a lack of mechanisms for controlling resource consumption. Exploiting this vulnerability allows an attacker who operates remotely to cause service interruptions...

5 CVSS | 6.5 AI score | 0.02118 EPSS
Exploits: 0 | References: 12 | Affected Software: 5
RedHat Linux
added 2020/02/24 12:59 p.m. | 82 views

Important: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

9.8 CVSS | 6.7 AI score | 0.04081 EPSS
Exploits: 0 | References: 4