python-pillow

Pillow through 8.2.0 allows an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly...

Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly...

Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly...

A security issue was found in python-pillow before version 8.1.1. There is an out of bounds read in SGIRleDecode.c, since pillow 4.3.0.

A security issue was found in python-pillow before version 8.1.1. The PDF parser has a catastrophic backtracking regex that could be used in a denial of...

A security issue was found in python-pillow before version 8.1.1. In TiffDecode.c, invalid tile boundaries could lead to an out of bounds read in TiffReadRGBATile.

A security issue was found in python-pillow before version 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

A security issue was found in python-pillow before version 8.1.1. The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in...

The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over- read when decoding crafted SGI RLE image files because offsets and length tables are...

In python-pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...

In python-pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...