Showing 1 - 2 of 2

CVE-2021-25288

Status Candidate

Overview

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.

Red Hat Security Advisory 2021-4149-03: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4149-03 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include buffer over-read, buffer overflow, denial of service, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, python; systems | linux, redhat; advisories | CVE-2020-35653, CVE-2020-35655, CVE-2021-25287, CVE-2021-25288, CVE-2021-25290, CVE-2021-25292, CVE-2021-25293, CVE-2021-27921, CVE-2021-27922, CVE-2021-27923, CVE-2021-28675, CVE-2021-28676, CVE-2021-28677, CVE-2021-28678, CVE-2021-34552; SHA-256 | 2805a8b0b24491d46cede2f8a3bbcc386153411f2026d13a54bf69003bb81442; Download | Favorite | View

Gentoo Linux Security Advisory 202107-33: Posted Jul 14, 2021; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202107-33 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.2.0 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2021-25287, CVE-2021-25288, CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293, CVE-2021-27921, CVE-2021-27922, CVE-2021-27923, CVE-2021-28675, CVE-2021-28676, CVE-2021-28677, CVE-2021-28678; SHA-256 | 26dda539c7762b5ab4e6b5ee029356b95a444412d1cf068eadfa5fafec5b0726; Download | Favorite | View

Page 1 of 1 Back 1 Next