Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-1167)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : python-pillow (CESA-2020:3185)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3185 advisory. - python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 CVE-2020-11538 - python-pillow: out-of-bounds rea...

EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-1167)

According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructe...

CentOS 8 : python-pillow (CESA-2020:0580)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0580 advisory. - python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service CVE-2019-16865 -...

Fedora 32 : python-pillow (2021-880aa7bd27)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-880aa7bd27 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...

Fedora: Security Advisory for python-pillow (FEDORA-2021-a8ddc1ce70)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 33 : mingw-python-pillow / python-pillow (2021-a8ddc1ce70)

The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-a8ddc1ce70 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-a8ddc1ce70)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-35654

A flaw was found in python-pillow. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...

CVE-2020-35655

A flaw was found in python-pillow. SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

CVE-2020-35653

A flaw was found in python-pillow. The PcxDecode in Pillow has a buffer over-read when decoding a crafted PCX file due to the user-supplied stride value trusted for buffer calculations. The highest threat from this vulnerability is to system availability...

[ASA-202101-11] python-pillow: multiple issues

Arch Linux Security Advisory ASA-202101-11 ========================================== Severity: Medium Date : 2021-01-12 CVE-ID : CVE-2020-35653 CVE-2020-35654 CVE-2020-35655 Package : python-pillow Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1438 Summary =======...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python-pillow Multiple Vulnerabilities (NS-SA-2020-0104)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-pillow packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very larg...

MGASA-2020-0434 Updated python-pillow packages fix security vulnerabilities

Pillow before 6.2.3 and 7.x before 7.0.1 has multiple out-of-bounds reads in libImaging/FliDecode.c CVE-2020-10177. In libImaging/PcxDecode.c in Pillow before 6.2.3 and 7.x before 7.0.1, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond...

EulerOS Virtualization 3.0.6.6 : python-pillow (EulerOS-SA-2020-2473)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.CVE-2020-10177 - In libImaging/PcxDecode.c i...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-2473)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-2389)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : python-pillow (EulerOS-SA-2020-2389)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-2266)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2020-2266)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.CVE-2020-10177 - In libImaging/PcxDecode.c in Pillow before...