750 matches found
RHEL 8 : python-pillow (RHSA-2024:1059)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1059 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...
AlmaLinux 8 : python-pillow (ALSA-2024:0893)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0893 advisory. - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was...
python security update
CentOS Errata and Security Advisory CESA-2024:0857 An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Important: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
RHEL 8 : python-pillow (RHSA-2024:0893)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0893 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...
CentOS 8 : python-pillow (CESA-2024:0893)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0893 advisory. - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which wa...
Oracle Linux 8 : python-pillow (ELSA-2024-0893)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0893 advisory. 5.1.1-18.1 - Security fix for CVE-2023-50447 Resolves: RHEL-22240 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Important: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Medium: python-pillow
Issue Overview: Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file. CVE-2016-0775 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 A...
Oracle Linux 7 : python-pillow (ELSA-2024-0857)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0857 advisory. 2.0.0-25gitd1c6db8 - Security fix for CVE-2023-50447 Resolves: RHEL-22239 Tenable has extracted the preceding description block directly from the Oracle Linux...
Amazon Linux 2 : python-pillow (ALAS-2024-2472)
The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2472 advisory. Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote...
python-pillow security update
2.0.0-25gitd1c6db8 - Security fix for CVE-2023-50447 Resolves: RHEL-22239...
SUSE-SU-2024:0439-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2023-50447: Fixed arbitrary code execution via the environment parameter. bsc1219048...
RHEL 8 : python-pillow (RHSA-2024:0754)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0754 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...
Important: python-pillow
Issue Overview: Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter. CVE-2023-50447 Affected Packages: python-pillow Issue Correction: Run dnf update...
Amazon Linux 2 : python-pillow (ALAS-2024-2444)
The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2444 advisory. Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a differe...
SUSE-SU-2024:0290-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2023-50447: Fixed arbitrary code execution via the environment parameter. bsc1219048 - CVE-2022-22817: Fixes evaluation of arbitrary expressions via PIL.ImageMath.eval. bsc1194521...
Mageia: Security Advisory (MGASA-2024-0018)
The remote host is missing an update for the...
MGASA-2024-0018 Updated python-pillow packages fix a security vulnerability
This update fixes the following security issue: Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter. This is a different vulnerability than CVE-2022-22817 which was about the expression parameter...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1128)
The remote host is missing an update for the Huawei EulerOS...