[SECURITY] Fedora 36 Update: python-pillow-9.0.1-6.fc36
Python image processing library, fork of the Python Imaging Library (PIL). This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (developmen...
AlmaLinux 8 : python-pillow (ALSA-2022:0643)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0643 advisory. - path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. (CVE-2022-22816) - PIL.ImageMath.eval in Pill...
CentOS: Security Advisory for python-pillow (CESA-2022:0609)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CentOS 7 : python-pillow (RHSA-2022:0609)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0609 advisory. - path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. (CVE-2022-22816) - PIL.ImageMath.eval in...
python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c
A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to gain unauthorized memory access that causes memory access errors, incorrect results, or crashes...
python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions
A flaw was found in python-pillow. The vulnerability occurs due to improper neutralization, leading to command injection. This flaw allows an attacker to supply externally-influenced input commands that modify the intended command...
Important: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availab...
Important: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availab...
python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c
A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to gain unauthorized memory access that causes memory access errors, incorrect results, or crashes...
Important: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c
A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to gain unauthorized memory access that causes memory access errors, incorrect results, or crashes...
RHEL 8 : python-pillow (RHSA-2022:0643)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0643 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
RHEL 8 : python-pillow (RHSA-2022:0667)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0667 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
Scientific Linux Security Update : python-pillow on SL7.x i686/x86_64 (2022:0609)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0609-1 advisory. - python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions (CVE-2022-22817) - python-pillow: buffer over-read during...
RHEL 8 : python-pillow (RHSA-2022:0665)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0665 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1184)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : python-pillow (RHSA-2022:0669)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0669 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
python-pillow security update
5.1.1-18 - Fixup for CVE-2022-22817 - Security fixes for CVE-2022-22815, CVE-2022-22816 Resolves: rhbz2042522 5.1.1-17 - Fix for CVE-2022-22817 Resolves: rhbz2042527...
Oracle Linux 7 : python-pillow (ELSA-2022-0609)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0609 advisory. - Fixup for CVE-2022-22817 - Security fixes for CVE-2022-22815, CVE-2022-22816 Resolves: rhbz2042522 Tenable has extracted the preceding description...
EulerOS 2.0 SP3 : python-pillow (EulerOS-SA-2022-1184)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function...