32 matches found
📄 psd-tools Denial of Service
When a specially crafted PSD file contains malformed RLE-compressed image data for example, a literal run extending beyond the expected row size, the internal decoderle function raises a ValueError in psd-tools, resulting in a denial of service condition...
Linux Distros Unpatched Vulnerability : CVE-2026-27809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data...
Buffer Overflow
psd-tools is vulnerable to Buffer Overflow. The vulnerability is due to malformed RLE-compressed image data, where decoderle raises ValueError which propagated all the way to the user, crashing psd.composite and psd-tools export, and attackers can exploit it by crafting a PSD file with malformed...
CVE-2026-27809
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
agkit (=0.27.0), mangadownloadlib (=1.0.0) +2 more potentially affected by CVE-2026-27809 via psd-tools (>=0.10.0 <=1.10.9)
psd-tools PYPI version =0.10.0, =3.5.0, =4.79.0 - psdtojpg =0.1.0 Source cves: CVE-2026-27809 Source advisory: OSV:GHSA-24P2-J2JR-386W...
GHSA-24P2-J2JR-386W psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
Summary A security review of the psdtools.compression module conducted against the fix/invalid-rle-compression branch, commits 7490ffa–2a006f5 identified the following pre-existing issues. The two findings introduced and fixed by those commits Cython buffer overflow, IndexError on lone repeat...
agkit (=0.27.0), mangadownloadlib (=1.0.0) +1 more potentially affected by CVE-2026-27809 via psd-tools (>=1.10.2 <=1.10.9)
psd-tools PYPI version =1.10.2, =3.5.0, =4.79.0 Source cves: CVE-2026-27809 Source advisory: SNYK:PYTHON-PSDTOOLS-15357995...
Improper Handling of Highly Compressed Data (Data Amplification)
Overview psd-tools is a Python package for working with Adobe Photoshop PSD files as described in specification. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the compression module. An attacker can cause application crashes...
DEBIAN-CVE-2026-27809
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
CVE-2026-27809
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
UBUNTU-CVE-2026-27809
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
psd-tools 安全漏洞
psd-tools is an open-source Python package designed for reading Adobe Photoshop PSD files. Versions of psd-tools prior to 1.12.2 contained security vulnerabilities. These vulnerabilities occurred due to the lack of handling of ValueError exceptions when processing PSD files containing...
CVE-2026-27809
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
CVE-2026-27809 psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
CVE-2026-27809 psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
CVE-2026-27809
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
CVE-2026-27809
psd-tools (Python) prior to v1.12.2 is vulnerable when parsing PSD files with malformed RLE-compressed image data: decode_rle() can raise ValueError that was not caught, causing psd.composite() and psd-tools export to crash. The fix in v1.12.2 wraps the decode_rle() call in a try/except so that t...
CVE-2026-27809 psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
PT-2026-22058
Name of the Vulnerable Software and Affected Versions psd-tools versions prior to 1.12.2 Description psd-tools, a Python package for working with Adobe Photoshop PSD files, contains multiple issues. A lack of a length cap on zlib.decompress can lead to denial-of-service or out-of-memory crashes...
CVE-2020-10571
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...