rpm package
suse/python-Pillow&distro=SUSE OpenStack Cloud Crowbar 9
pkg:rpm/suse/python-Pillow&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
Vulnerabilities (60)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28219 | Med | 6.7 | < 5.2.0-3.26.2 | 5.2.0-3.26.2 | Apr 3, 2024 | In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. | |
| CVE-2023-50447 | Hig | 8.1 | < 5.2.0-3.23.1 | 5.2.0-3.23.1 | Jan 19, 2024 | Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). | |
| CVE-2023-44271 | Hig | 7.5 | < 5.2.0-3.20.1 | 5.2.0-3.20.1 | Nov 3, 2023 | An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw in | |
| CVE-2022-23451 | Hig | 8.1 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Sep 6, 2022 | An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete p | |
| CVE-2022-23452 | Med | 4.9 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Sep 1, 2022 | An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service. | |
| CVE-2022-29970 | Hig | 7.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | May 2, 2022 | Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. | |
| CVE-2022-22817 | Cri | 9.8 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Jan 10, 2022 | PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used. | |
| CVE-2022-22816 | Med | 6.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Jan 10, 2022 | path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. | |
| CVE-2022-22815 | Med | 6.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Jan 10, 2022 | path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. | |
| CVE-2021-44716 | Hig | 7.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Jan 1, 2022 | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | |
| CVE-2021-43818 | Hig | 8.2 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Dec 13, 2021 | lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a s | |
| CVE-2021-43813 | Med | 4.3 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Dec 10, 2021 | Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files wi | |
| CVE-2021-41184 | Med | 6.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Oct 26, 2021 | jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option | |
| CVE-2021-41183 | Med | 6.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Oct 26, 2021 | jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text | |
| CVE-2021-41182 | Med | 6.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Oct 26, 2021 | jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altFi | |
| CVE-2021-23437 | Hig | 7.5 | < 5.2.0-3.14.1 | 5.2.0-3.14.1 | Sep 3, 2021 | The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. | |
| CVE-2021-40085 | Med | 6.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Aug 31, 2021 | An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value. | |
| CVE-2021-38155 | Hig | 7.5 | < 5.2.0-3.17.1 | 5.2.0-3.17.1 | Aug 6, 2021 | OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, an | |
| CVE-2021-34552 | Cri | 9.8 | < 5.2.0-3.11.1 | 5.2.0-3.11.1 | Jul 13, 2021 | Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. | |
| CVE-2021-28678 | Med | 5.5 | < 5.2.0-3.8.1 | 5.2.0-3.8.1 | Jun 2, 2021 | An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data. |
- affected < 5.2.0-3.26.2fixed 5.2.0-3.26.2
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
- affected < 5.2.0-3.23.1fixed 5.2.0-3.23.1
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
- affected < 5.2.0-3.20.1fixed 5.2.0-3.20.1
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw in
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete p
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a s
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files wi
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altFi
- affected < 5.2.0-3.14.1fixed 5.2.0-3.14.1
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
- affected < 5.2.0-3.17.1fixed 5.2.0-3.17.1
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, an
- affected < 5.2.0-3.11.1fixed 5.2.0-3.11.1
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
- affected < 5.2.0-3.8.1fixed 5.2.0-3.8.1
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.
Page 1 of 3