50 matches found
EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2023-1647)
According to the versions of the python-pillow packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2023-1415)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : python-pillow (EulerOS-SA-2023-1435)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...
EulerOS 2.0 SP11 : python-pillow (EulerOS-SA-2023-1415)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...
SUSE CVE-2015-8665
tifgetimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via the SamplesPerPixel tag in a TIFF image...
SUSE CVE-2022-45199
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...
EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2023-1397)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...
EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2023-1369)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198 - Pillow before 9.3.0...
OESA-2022-2113 python-pillow security update
Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. Security Fixes: Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.CVE-2022-45199...
GHSA-Q4MP-JVH2-76FJ Pillow subject to DoS via SAMPLESPERPIXEL tag
Pillow starting with 9.2.0 and prior to 9.3.0 allows denial of service via SAMPLESPERPIXEL. A large value in the SAMPLESPERPIXEL tag could lead to a memory and runtime DOS in TiffImagePlugin.py when setting up the context for image decoding. This issue has been patched in version 9.3.0...
Pillow subject to DoS via SAMPLESPERPIXEL tag
Pillow starting with 9.2.0 and prior to 9.3.0 allows denial of service via SAMPLESPERPIXEL. A large value in the SAMPLESPERPIXEL tag could lead to a memory and runtime DOS in TiffImagePlugin.py when setting up the context for image decoding. This issue has been patched in version 9.3.0...
DEBIAN-CVE-2022-45199
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...
CVE-2022-45199
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...
Code injection
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...
PYSEC-2022-42980
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...
PYSEC-2022-42980
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...
Pillow 资源管理错误漏洞
Pillow is a Python based image processing library. A security vulnerability exists in Pillow versions prior to 9.3.0 that stems from allowing denial of service via SAMPLESPERPIXEL...
Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity(CVE-2016-3581)
Description While parsing a specially crafted TIFF file, a parser confussion can lead to a heap buffer overflow resulting in out of bounds memory overwrite leading to arbitrary code execution. Tested Versions Oracle Outside In IX sdk 8.5.1 Product URLs...
The vulnerability of the LibTIFF library, which allows a hacker to trigger a service failure
The vulnerability in the tifgetimage.c library of the LibTIFF library is caused by buffer overflow. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure memory out-of-bound reading through the use of the “SamplesPerPixel” tag in the TIFF image...
CVE-2015-8665
tifgetimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via the SamplesPerPixel tag in a TIFF image...