Oracle Linux 8 : python-pillow (ELSA-2022-0643)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0643 advisory. - Fixup for CVE-2022-22817 - Security fixes for CVE-2022-22815, CVE-2022-22816 Resolves: rhbz2042522 Tenable has extracted the preceding description...

python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c

A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to unauthorized memory access that causes memory access errors, incorrect results, or crashes...

python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions

A flaw was found in python-pillow. The vulnerability occurs due to Improper Neutralization, leading to command injection. This flaw allows an attacker to externally-influenced input commands that modify the intended command...

python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c

A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to improperly initializing the ImagePath. This flaw allows an attacker to access unauthorized memory that causes memory access errors, incorrect results, or crashes...

Important: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions...

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...

RLSA-2022:0643 Important: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions...

ALSA-2022:0643 Important: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions...

python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions

A flaw was found in python-pillow. The vulnerability occurs due to Improper Neutralization, leading to command injection. This flaw allows an attacker to externally-influenced input commands that modify the intended command...

Important: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 7 : python-pillow (RHSA-2022:0609)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0609 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-1142)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : python-pillow (EulerOS-SA-2022-1142)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb...

CVE-2022-24303

A flaw was found in python-pillow. The vulnerability occurs due to the not validated remove operation, leading to Improper input validation. This flaw allows an attacker to externally-influenced input commands that modify or remove the intended command...

Rocky Linux 8 : python-pillow (RLSA-2021:4149)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4149 advisory. - Pillow through 8.2.0 and PIL aka Python Imaging Library through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigg...

AlmaLinux 8 : python-pillow (ALSA-2021:4149)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4149 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer...

[SECURITY] Fedora 34 Update: mingw-python-pillow-8.1.2-5.fc34

MinGW Windows Python pillow library...

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-6.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2022-e4087f9366)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2022-a1bc7decc9)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...