CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-0775 – Gentoo Linux Security Advisory 201612-52
https://notcve.org/view.php?id=CVE-2016-0775
29 Feb 2016 — Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file. Desbordamiento de buffer en la función ImagingFliDecode en libImageng/FliDecode.c en Pillow en versiones anteriores a 3.1.1 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo FLI manipulado. Multiple security vulnerabilities have been found in Pillow, a Python imaging library, which m... • http://www.debian.org/security/2016/dsa-3499 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0740 – Gentoo Linux Security Advisory 201612-52
https://notcve.org/view.php?id=CVE-2016-0740
29 Feb 2016 — Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file. Desbordamiento de buffer en la función ImagengLibTiffDecode en libImageng/TiffDecode.c en Pillow en versiones anteriores a 3.1.1 permite a atacantes remotos sobrescribir memoria a través de un archivo TIFF manipulado. Multiple security vulnerabilities have been found in Pillow, a Python imaging library, which may result in denial of servi... • http://www.debian.org/security/2016/dsa-3499 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 6%CPEs: 4EXPL: 0CVE-2016-2533 – Gentoo Linux Security Advisory 201612-52
https://notcve.org/view.php?id=CVE-2016-2533
29 Feb 2016 — Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file. Desbordamiento de buffer en la función ImagengPcdDecode en PcdDecode.c en Pillow en versiones anteriores a 3.1.1 y Python Imageng Library (PIL) 1.1.7 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo PhotoCD manipulad... • http://www.debian.org/security/2016/dsa-3499 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2014-9601 – Ubuntu Security Notice USN-3229-1
https://notcve.org/view.php?id=CVE-2014-9601
16 Jan 2015 — Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed. Pillow anterior a 2.7.0 permite a atacantes remotos causar una denegación de servicio a través de un fragmento de texto comprimido en una imagen PNG que tiene un tamaño grande cuando está descomprimido. Jakub Wilk discovered that temporary files were insecurely created (via mktemp()) in the IptcImagePlugin.py, Image.py, JpegImagePlugin.py, and Eps... • http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148442.html • CWE-20: Improper Input Validation •