23 matches found
Astra Linux - уязвимость в pillow
In version 9.0.1, Pillow allows attackers to delete files because spaces in temporary pathnames are mishandled...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-017340)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017340 advisory. Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. Tenable has extracted the preceding description block...
BIT-PILLOW-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
Ubuntu 20.04 ESM : Pillow vulnerabilities (USN-5777-2)
The remote Ubuntu 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5777-2 advisory. USN-5777-1 fixed vulnerabilities in Pillow Python 3. This update provides the corresponding updates for Pillow Python 2 in Ubuntu 20.04 LTS. Tenable has...
SUSE CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
Ubuntu 20.04 LTS / 22.04 LTS : Pillow vulnerabilities (USN-5777-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5777-1 advisory. It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An...
DEBIAN-CVE-2022-40299
In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathname...
PT-2022-25335 · Singular +1 · Singular +1
Name of the Vulnerable Software and Affected Versions: Singular versions prior to 4.3.1 Description: The issue is related to the use of predictable /tmp pathnames in files such as sdb.cc within the Singular interface. This predictability allows local users to gain the privileges of other users vi...
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-2037)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
ALPINE-CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
DEBIAN-CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
PYSEC-2022-168
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
UBUNTU-CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
PYSEC-2022-168
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled...
CVE-2022-24303
Pillow (Python Imaging Library fork) is affected by CVE-2022-24303. The vulnerability arises in Pillow’s handling of spaces in temporary pathnames, enabling an attacker to delete files through path traversal-like behavior. This impacts Pillow versions before 9.0.1. The documented consequence is f...