CVE-2020-10378

A flaw was found in python-pillow. In libImaging/PcxDecode.c, an out-of-bounds read occurs when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

CVE-2020-10994

An out-of-bounds read flaw was found in python-pillow in the way JP2 images are parsed. An application that uses python-pillow to decode untrusted images may be vulnerable to this issue. This flaw allows an attacker to read data. The highest threat from this vulnerability is to confidentiality...

CVE-2020-11538

An out-of-bounds read/write flaw was found in python-pillow, in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable. This flaw allows an attacker to crash the application or potentially execute code on the system. The highest...

EulerOS Virtualization 3.0.6.0 : python-pillow (EulerOS-SA-2020-1728)

According to the version of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.CVE-2020-5312 Note that Tenable Network Securit...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1707)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : python-pillow (EulerOS-SA-2020-1707)

According to the versions of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.CVE-2020-5313 - libImaging/PcxDecode.c ...

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-pillow Multiple Vulnerabilities (NS-SA-2020-0024)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-pillow packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very larg...

EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2020-1589)

According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.CVE-2020-5312 - libImaging/FliDecode.c in Pillow before...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1589)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2020:1194-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: Security issues fixed: - CVE-2016-2533: Fixed an integer overflow in the ImagingResampleHorizontal function bsc967970. - CVE-2016-4009: Fixed a buffer overflow in the PCD decoder bsc975500...

EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2020-1532)

According to the versions of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allow...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1532)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : python-pillow (ALAS-2020-1412)

The version of python-pillow installed on the remote host is prior to 2.0.0-20.gitd1c6db8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1412 advisory. A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a lo...

Important: python-pillow

Issue Overview: A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a long time while processing specially crafted image files, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1473)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : python-pillow (EulerOS-SA-2020-1473)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the 'crafted image file'...

CentOS: Security Advisory for python-imaging (CESA-2020:0898)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1322)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 6 : python-imaging (RHSA-2020:0898)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0898 advisory. The Python Imaging Library PIL adds image processing capabilities to your Python interpreter. This library provides extensive file format support, an...

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2020-1322)

According to the version of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.CVE-2020-5312 Note that Tenable Network Security has extracted...