Bugs fixes in "pillow"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2020-5312 | libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. | 2020-02-06 |
| CVE | CVE-2020-5311 | libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. | 2020-02-06 |
| CVE | CVE-2019-19911 | There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the nu | 2020-02-06 |
| CVE | CVE-2019-16865 | An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amount | 2020-02-06 |
| CVE | CVE-2016-9190 | Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure | 2017-03-13 |
| CVE | CVE-2016-9189 | Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Int | 2017-03-13 |
| CVE | CVE-2016-9190 | Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure | 2017-03-13 |
| CVE | CVE-2016-9189 | Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Int | 2017-03-13 |
| CVE | CVE-2016-9190 | Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure | 2017-03-13 |
| CVE | CVE-2016-9189 | Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Int | 2017-03-13 |
| CVE | CVE-2016-9190 | Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure | 2017-03-13 |
| CVE | CVE-2016-9189 | Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Int | 2017-03-13 |
| CVE | CVE-2016-3076 | j2k integer overflow error on encode | 2016-04-16 |
| CVE | CVE-2016-3076 | j2k integer overflow error on encode | 2016-04-16 |
| CVE | CVE-2016-3076 | j2k integer overflow error on encode | 2016-04-16 |
| CVE | CVE-2016-3076 | j2k integer overflow error on encode | 2016-04-16 |
About
-
Send Feedback to @ubuntu_updates
