27 matches found
EUVD-2021-0169
Malware in sbrugna...
BIT-PILLOW-2021-28675
An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load...
Medium: python-pillow
Issue Overview: An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load. CVE-2021-28675 Affected Packages: python-pillow Note:...
EulerOS Virtualization 3.0.2.2 : python-pillow (EulerOS-SA-2023-1288)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb...
AlmaLinux 8 : python-pillow (ALSA-2021:4149)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4149 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2432)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : python-pillow (EulerOS-SA-2021-2432)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative t...
EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2021-2345)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative t...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2345)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-2314)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala.CVE-2021-25287 - An issue was...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2253)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 8.1.1 allows attackers to cause a denial of service memory consumption because the reported size of a contained image is not...
EulerOS Virtualization 2.9.0 : python-pillow (EulerOS-SA-2021-2209)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow before 8.1.1 allows attackers to cause a denial of service memory consumption because the reported size of a contain...
EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2021-2187)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow before 8.1.1 allows attackers to cause a denial of service memory consumption because the reported size of a contain...
EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2021-2123)
According to the versions of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in python-pillow. In TiffDecode.c, there is a negative-offset memcpy with an invalid size which...
Pillow denial of service
An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load...
Pillow Denial of Service Vulnerability (CNVD-2021-54030)
Pillow is a Python-based image processing library. A denial of service vulnerability exists in versions of Pillow prior to 8.2.0, which stems from the fact that PSDImagePlugin.PsdImageFile does not properly check the number of input layers based on data block size, and can be exploited by attacke...
Denial Of Service (DoS)
pillow is vulnerable to denial of service. Lack of validation of the input layers and size of data block in PsdImagePlugin.PsdImageFile can allow an attacker to cause a denial-of-service condition on open prior to load...
CVE-2021-28675
An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load...
CVE-2021-28675
An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load...
Design/Logic Flaw
An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load...