
CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.

• https://github.com/python-pillow/Pillow/pull/5377
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL
• https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28678-fix-blp-dos
• https://security.gentoo.org/glsa/202107-33
• https://access.redhat.com/security/cve/CVE-2021-28678
• https://bugzilla.redhat.com/show_bug.cgi?id=1958263

• CWE-20: Improper Input Validation
• CWE-345: Insufficient Verification of Data Authenticity

CVSS: 9.1 | EPSS: 0% | CPEs: 2 | EXPL: 0

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A.

• https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL
• https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
• https://security.gentoo.org/glsa/202107-33
• https://access.redhat.com/security/cve/CVE-2021-25288
• https://bugzilla.redhat.com/show_bug.cgi?id=1958231

• CWE-125: Out-of-bounds Read

CVSS: 5.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load. A flaw was found in python-pillow.

• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL
• https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28675-fix-dos-in-psdimageplugin
• https://security.gentoo.org/glsa/202107-33
• https://access.redhat.com/security/cve/CVE-2021-28675
• https://bugzilla.redhat.com/show_bug.cgi?id=1958240

• CWE-20: Improper Input Validation
• CWE-252: Unchecked Return Value

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load. A flaw was found in python-pillow. FliDecode.c did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.

• https://github.com/python-pillow/Pillow/commit/bb6c11fb889e6c11b0ee122b828132ee763b5856
• https://github.com/python-pillow/Pillow/pull/5377
• https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL
• https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28676-fix-fli-dos
• https://security.gentoo.org/glsa/202107-33
• https://access.redhat.com/security/cve/CVE-2021-

• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening.

• https://github.com/python-pillow/Pillow/pull/5377
• https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL
• https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28677-fix-eps-dos-on-open
• https://security.gentoo.org/glsa/202107-33
• https://access.redhat.com/security/cve/CVE-2021-28677
• https://bugzilla.redhat.com/show_bug.cgi?id=1958257

• CWE-20: Improper Input Validation