python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c

A flaw was discovered in python-pillow does where it does not properly restrict operations within the bounds of a memory buffer when decoding PCX images. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1244)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2020-1244)

According to the versions of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A memory disclosure vulnerability was found in python-pillow. Functions in map.c failed to check for image...

CentOS: Security Advisory for python-pillow (CESA-2020:0578)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 7 : python-pillow (RHSA-2020:0578)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0578 advisory. - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amount...

python security update

CentOS Errata and Security Advisory CESA-2020:0578 An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Scientific Linux Security Update : python-pillow on SL7.x x86_64 (20200224)

Security Fixes : python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c CVE-2020-5312 python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service CVE-2019-16865 C Tenable Network Security, Inc. The...

Oracle Linux 8 : python-pillow (ELSA-2020-0580)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0580 advisory. - Fix for CVE-2020-5311 - out-of-bounds write in expandrow Resolves: rhbz1789535 Tenable has extracted the preceding description block directly from th...

Oracle Linux 7 : python-pillow (ELSA-2020-0578)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0578 advisory. - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 Tenable has extracted the preceding description block...

RHEL 8 : python-pillow (RHSA-2020:0580)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0580 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

python-pillow security update

5.1.1-10 - Bump and rebuild for gating to deliver CVE fixes Resolves: rhbz1789535 5.1.1-9 - Fix for CVE-2020-5311 - out-of-bounds write in expandrow Resolves: rhbz1789535 5.1.1-8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066...

RHEL 7 : python-pillow (RHSA-2020:0578)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0578 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

python-pillow security update

2.0.0-20gitd1c6db8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 2.0.0-19gitd1c6db8 - Reenabled webp support on little endian archs. 2.0.0-18gitd1c6db8 - Disabled webp support on ppc64le due to 962091 and 1127230. - Updated URL. 2.0.0-17gitd1c6d...

python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service

A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a long time while processing specially crafted image files, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to this flaw...

Important: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c

A flaw was discovered in python-pillow does where it does not properly restrict operations within the bounds of a memory buffer when decoding PCX images. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the...

python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service

A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a long time while processing specially crafted image files, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to this flaw...

Important: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c

An out-of-bounds write flaw was discovered in python-pillow in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the application or potentially execute code on the system...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...