Lucene search
K

50 matches found

Tenable Nessus
Tenable Nessus
added 2023/04/27 12:0 a.m.31 views

EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2023-1647)

According to the versions of the python-pillow packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow...

7.5CVSS6.9AI score0.01184EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/03/07 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2023-1415)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.30 views

EulerOS 2.0 SP11 : python-pillow (EulerOS-SA-2023-1435)

According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...

7.5CVSS7AI score0.01184EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.24 views

EulerOS 2.0 SP11 : python-pillow (EulerOS-SA-2023-1415)

According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...

7.5CVSS7AI score0.01184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:11 a.m.1 views

SUSE CVE-2015-8665

tifgetimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via the SamplesPerPixel tag in a TIFF image...

3.3CVSS8.6AI score0.02857EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.1 views

SUSE CVE-2022-45199

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...

7.5CVSS6.8AI score0.01102EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/02/10 12:0 a.m.24 views

EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2023-1397)

According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...

7.5CVSS7AI score0.01184EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/02/10 12:0 a.m.20 views

EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2023-1369)

According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...

7.5CVSS7AI score0.01184EPSS
Exploits0References3
OSV
OSV
added 2022/11/25 11:4 a.m.3 views

OESA-2022-2113 python-pillow security update

Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. Security Fixes: Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.CVE-2022-45199...

7.5CVSS8.8AI score0.01102EPSS
Exploits0References2
OSV
OSV
added 2022/11/14 12:0 p.m.21 views

GHSA-Q4MP-JVH2-76FJ Pillow subject to DoS via SAMPLESPERPIXEL tag

Pillow starting with 9.2.0 and prior to 9.3.0 allows denial of service via SAMPLESPERPIXEL. A large value in the SAMPLESPERPIXEL tag could lead to a memory and runtime DOS in TiffImagePlugin.py when setting up the context for image decoding. This issue has been patched in version 9.3.0...

8.7CVSS7.2AI score0.01102EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/11/14 12:0 p.m.44 views

Pillow subject to DoS via SAMPLESPERPIXEL tag

Pillow starting with 9.2.0 and prior to 9.3.0 allows denial of service via SAMPLESPERPIXEL. A large value in the SAMPLESPERPIXEL tag could lead to a memory and runtime DOS in TiffImagePlugin.py when setting up the context for image decoding. This issue has been patched in version 9.3.0...

7.5CVSS7.2AI score0.01102EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2022/11/14 7:15 a.m.1 views

DEBIAN-CVE-2022-45199

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...

7.5CVSS6.9AI score0.01102EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/11/14 7:15 a.m.3 views

CVE-2022-45199

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...

7.5CVSS6.8AI score0.01102EPSS
Exploits0References6
Prion
Prion
added 2022/11/14 7:15 a.m.14 views

Code injection

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...

5CVSS7.3AI score0.01102EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2022/11/14 7:15 a.m.4 views

PYSEC-2022-42980

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...

7.5CVSS6.9AI score0.01102EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/11/14 7:15 a.m.51 views

PYSEC-2022-42980

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...

7.5CVSS3.7AI score0.01102EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.2 views

Pillow 资源管理错误漏洞

Pillow is a Python based image processing library. A security vulnerability exists in Pillow versions prior to 9.3.0 that stems from allowing denial of service via SAMPLESPERPIXEL...

7.5CVSS6.9AI score0.01102EPSS
Exploits0References8
seebug.org
seebug.org
added 2017/10/16 12:0 a.m.37 views

Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity(CVE-2016-3581)

Description While parsing a specially crafted TIFF file, a parser confussion can lead to a heap buffer overflow resulting in out of bounds memory overwrite leading to arbitrary code execution. Tested Versions Oracle Outside In IX sdk 8.5.1 Product URLs...

9CVSS9.4AI score0.0393EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2016/05/05 12:0 a.m.8 views

The vulnerability of the LibTIFF library, which allows a hacker to trigger a service failure

The vulnerability in the tifgetimage.c library of the LibTIFF library is caused by buffer overflow. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure memory out-of-bound reading through the use of the “SamplesPerPixel” tag in the TIFF image...

4.3CVSS7AI score0.02857EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2016/04/13 5:59 p.m.18 views

CVE-2015-8665

tifgetimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via the SamplesPerPixel tag in a TIFF image...

5.5CVSS5.8AI score0.02857EPSS
Exploits0References12
Rows per page
Query Builder