750 matches found
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2775)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2670)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2694)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2719)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2719)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
CentOS 8 : python-pillow (CESA-2021:4149)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4149 advisory. - python-pillow: Buffer over-read in PCX image reader CVE-2020-35653 - python-pillow: Buffer over-read in SGI RLE image reader CVE-2020-35655 -...
EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2021-2670)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2694)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
RHEL 8 : python-pillow (RHSA-2021:4149)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4149 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
Moderate: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
python-pillow: Negative-offset memcpy in TIFF image reader
A flaw was found in python-pillow. In TiffDecode.c, there is a negative-offset memcpy with an invalid size which could lead to a system crash...
python-pillow: Regular expression DoS in PDF format parser
A flaw was found in python-pillow. The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack...
python-pillow: Excessive memory allocation in PSD image reader
A flaw was found in python-pillow. PsdImagePlugin.PsdImageFile does not sanity check the number of input layers with regard to the size of the data block which could lead to a denial-of-service...
python-pillow: Excessive memory allocation in BLP image reader
A flaw was found in python-pillow. Attackers can cause a denial of service memory consumption because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large...
python-pillow: Excessive memory allocation in ICO image reader
A flaw was found in python-pillow. Attackers can cause a denial of service memory consumption because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large...
python-pillow: Infinite loop in FLI image reader
A flaw was found in python-pillow. FliDecode.c did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load. This issue dates to the PIL fork. The highest threat from this vulnerability is to system availability...
python-pillow: Buffer over-read in SGI RLE image reader
A flaw was found in python-pillow. SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...
python-pillow: Out-of-bounds read in J2K image reader
There is an out-of-bounds read in J2kDecode in j2kugrayi. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A...
python-pillow: Out-of-bounds read in SGI RLE image reader
A flaw was found in python-pillow. There is an Out of Bounds Read in SGIRleDecode.c...
ALSA-2021:4149 Moderate: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...