python2-pillow

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Unknown
Version Removed

Open

Group Affected Fixed Severity Status Ticket
AVG-1439 6.2.1-3 Medium Unknown
Issue Group Severity Remote Type Description
CVE-2021-27923 AVG-1439 Low No Denial of service
Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly...
CVE-2021-27922 AVG-1439 Low No Denial of service
Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly...
CVE-2021-27921 AVG-1439 Low No Denial of service
Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly...
CVE-2021-25293 AVG-1439 Medium No Information disclosure
A security issue was found in python-pillow before version 8.1.1. There is an out of bounds read in SGIRleDecode.c, since pillow 4.3.0.
CVE-2021-25292 AVG-1439 Low No Denial of service
A security issue was found in python-pillow before version 8.1.1. The PDF parser has a catastrophic backtracking regex that could be used in a denial of...
CVE-2021-25291 AVG-1439 Medium No Information disclosure
A security issue was found in python-pillow before version 8.1.1. In TiffDecode.c, invalid tile boundaries could lead to an out of bounds read in TiffReadRGBATile.
CVE-2021-25290 AVG-1439 Medium No Information disclosure
A security issue was found in python-pillow before version 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.
CVE-2021-25289 AVG-1439 Medium No Arbitrary code execution
A security issue was found in python-pillow before version 8.1.1. The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in...
CVE-2020-35655 AVG-1439 Low No Denial of service
In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over- read when decoding crafted SGI RLE image files because offsets and length tables are...
CVE-2020-35654 AVG-1439 Medium No Arbitrary code execution
In python-pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...
CVE-2020-35653 AVG-1439 Medium No Information disclosure
In python-pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...