CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

7.5CVSS6.8AI score0.01038EPSS

Exploits0References4

NVD•added 2021/06/02 4:15 p.m.•22 views

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...

9.1CVSS0.02956EPSS

Exploits0References4

UbuntuCve•added 2021/05/10 12:0 a.m.•40 views

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...

9.1CVSS6.9AI score0.02956EPSS

Exploits0References4

NVD•added 2021/03/19 4:15 a.m.•18 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS0.02372EPSS

Exploits0References3

AlpineLinux•added 2021/03/19 3:30 a.m.•40 views

CVE-2021-25293

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c...

7.5CVSS8.6AI score0.01601EPSS

Exploits0

AlpineLinux•added 2021/03/19 3:29 a.m.•40 views

CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS9.7AI score0.02281EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by