Vulnerabilities > Python > Pillow > 1.7.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-05 | CVE-2019-19911 | Integer Overflow or Wraparound vulnerability in multiple products There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. | 7.5 |
| 2020-01-03 | CVE-2020-5313 | Out-of-bounds Read vulnerability in multiple products libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. | 7.1 |
| 2020-01-03 | CVE-2020-5312 | Classic Buffer Overflow vulnerability in multiple products libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. | 9.8 |
| 2020-01-03 | CVE-2020-5311 | Classic Buffer Overflow vulnerability in multiple products libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. | 9.8 |
| 2020-01-03 | CVE-2020-5310 | Integer Overflow or Wraparound vulnerability in multiple products libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. | 8.8 |
| 2019-10-04 | CVE-2019-16865 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Pillow before 6.2.0. | 7.5 |
| 2016-11-04 | CVE-2016-9190 | Improper Access Control vulnerability in multiple products Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component. | 6.8 |
| 2016-11-04 | CVE-2016-9189 | Integer Overflow or Wraparound vulnerability in multiple products Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component. | 4.3 |
| 2016-04-13 | CVE-2016-4009 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Python Pillow Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow. | 10.0 |
| 2016-04-13 | CVE-2016-2533 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file. | 4.3 |