Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Tenable Nessus
Tenable Nessusadded 2024/11/14 12:0 a.m.5 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2024-767)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-767 advisory. In imagingcms.c, two strcpy calls were able to copy too much data into fixed length strings. This has been fixed by using strncpy instead. CVE-2024-28219 Tenable has extracted the preceding description...

6.7CVSS6.2AI score0.00354EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2024/07/03 12:0 a.m.11 views

Oracle Linux 8 : python-pillow (ELSA-2024-4227)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4227 advisory. 5.1.1-21 - Security fix for CVE-2024-28219 Resolves: RHEL-31071 Tenable has extracted the preceding description block directly from the Oracle Linux security...

6.7CVSS6.3AI score0.00354EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2024/04/03 12:0 a.m.13 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2024-582)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-582 advisory. Affected versions of this package are vulnerable to Denial of Service DoS when using arbitrary strings as text input and the number of characters passed into PIL.ImageFont.ImageFont.getmask is over a...

5.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2023/12/14 12:0 a.m.25 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-453)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-453 advisory. An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of...

7.5CVSS6.6AI score0.00236EPSS
Exploits0References4
OpenVAS
OpenVASadded 2023/05/17 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2023-0164)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.00604EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2023/03/23 12:0 a.m.19 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-146)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-146 advisory. An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 An issue was discovered in Pillow before 8.1.1. In...

9.8CVSS7.3AI score0.00536EPSS
Exploits1References24
Tenable Nessus
Tenable Nessusadded 2023/03/21 12:0 a.m.23 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-057)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-057 advisory. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacke...

9.8CVSS7.1AI score0.02781EPSS
Exploits0References6
Rows per page
Query Builder