750 matches found
SUSE-SU-2024:1673-2 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - Fixed ImagePath.Path array handling bsc1194552, CVE-2022-22815, bsc1194551, CVE-2022-22816 - Use snprintf instead of sprintf bsc1188574, CVE-2021-34552 - Fix Memory DOS in Icns, Ico and Blp Image Plugins. bsc1183110, CVE-2021-27921,...
Debian dsa-5704 : python-pil-doc - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5704 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5704-1 [email protected]...
RHEL 6 : python-pillow (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...
RHEL 5 : python-pillow (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...
RHEL 7 : python-pillow (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow, python-imaging: command injection issue CVE-2014-3007 - python-pillow: Missing check for...
RHEL 8 : python-pillow (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pillow: an out-of-bounds read in libImaging/PcxDecode.c can occur when reading PCX files...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1774)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1751)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : python-pillow (EulerOS-SA-2024-1751)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...
EulerOS 2.0 SP12 : python-pillow (EulerOS-SA-2024-1774)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...
Oracle Linux 8 : python-pillow (ELSA-2024-3005)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3005 advisory. - Security fix for CVE-2023-50447 Resolves: RHEL-22240 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
openSUSE Security Advisory (SUSE-SU-2024:1673-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python-pillow security update
5.1.1-20 - Security fix for CVE-2023-50447 Resolves: RHEL-22240 5.1.1-19 - Security fix for CVE-2023-44271 Resolves: RHEL-15460...
RHEL 8 : python-pillow (RHSA-2024:3005)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3005 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...
Moderate: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument
A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...
CentOS 8 : python-pillow (CESA-2024:3005)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3005 advisory. - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a...
Moderate: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...
openSUSE 15 Security Update : python-Pillow (SUSE-SU-2024:1673-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1673-1 advisory. - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...
SUSE-SU-2024:1673-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - Fixed ImagePath.Path array handling bsc1194552, CVE-2022-22815, bsc1194551, CVE-2022-22816 - Use snprintf instead of sprintf bsc1188574, CVE-2021-34552 - Fix Memory DOS in Icns, Ico and Blp Image Plugins. bsc1183110, CVE-2021-27921,...