Lucene search
AlmaLinuxALSA-2020:3185HistoryJul 28, 2020 - 1:17 p.m.
Important: python-pillow security update
2020-07-2813:17:06
errata.almalinux.org
17
0.012 Low
EPSS
Percentile
85.6%
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.
Security Fix(es):
-
python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 (CVE-2020-11538)
-
python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images (CVE-2020-5313)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 8 | x86_64 | python3-pillow | < 5.1.1-12.el8_2 | python3-pillow-5.1.1-12.el8_2.x86_64.rpm |
Related
nessus
nessus
RHEL 8 : python-pillow (RHSA-2020:3185)
2020-07-28 00:00:00
Oracle Linux 8 : python-pillow (ELSA-2020-3185)
2020-07-30 00:00:00
CentOS 8 : python-pillow (CESA-2020:3185)
2021-02-01 00:00:00
osv
osv
Important: python-pillow security update
2020-07-28 13:17:06
Out-of-bounds Read in Pillow
2020-04-01 16:36:00
CVE-2020-5313
2020-01-03 01:15:11
rocky
rocky
python-pillow security update
2020-07-28 13:17:06
oraclelinux
oraclelinux
python-pillow security update
2020-07-29 00:00:00
python-pillow security update
2020-10-06 00:00:00
redhat
redhat
(RHSA-2020:3185) Important: python-pillow security update
2020-07-28 13:17:06
(RHSA-2020:3299) Important: python-pillow security update
2020-08-04 07:13:18
(RHSA-2020:3302) Important: python-pillow security update
2020-08-04 10:18:31
redhatcve
redhatcve
CVE-2020-11538
2020-07-01 11:20:51
CVE-2020-5313
2020-01-09 19:09:11
veracode
veracode
Denial Of Service (DoS)
2020-06-26 03:28:33
Denial Of Service (DoS)
2020-01-06 03:36:13
centos
centos
python security update
2020-10-20 18:49:16
debiancve
debiancve
CVE-2020-5313
2020-01-03 01:15:11
CVE-2020-11538
2020-06-25 19:15:12
amazon
amazon
Medium: python-pillow
2020-10-22 18:36:00
nvd
nvd
CVE-2020-5313
2020-01-03 01:15:11
CVE-2020-11538
2020-06-25 19:15:12
ubuntucve
ubuntucve
CVE-2020-5313
2020-01-03 00:00:00
CVE-2020-11538
2020-06-25 00:00:00
prion
prion
Buffer overflow
2020-01-03 01:15:00
Out-of-bounds
2020-06-25 19:15:00
github
github
Out-of-bounds Read in Pillow
2020-04-01 16:36:00
Out-of-bounds read in Pillow
2020-07-27 21:52:36
cvelist
cvelist
CVE-2020-5313
2020-01-03 00:52:23
CVE-2020-11538
2020-06-25 18:32:06
alpinelinux
alpinelinux
CVE-2020-5313
2020-01-03 01:15:11
cve
cve
CVE-2020-5313
2020-01-03 01:15:11
CVE-2020-11538
2020-06-25 19:15:12
openvas
openvas
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1589)
2020-05-26 00:00:00
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1707)
2020-06-26 00:00:00
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1128)
2020-02-24 00:00:00
f5
f5
K16213320 : Python Pillow vulnerabilities CVE-2020-5312 and CVE-2020-5313
2021-04-28 00:00:00
debian
debian
[SECURITY] [DLA 2057-1] pillow security update
2020-01-06 16:51:36
[SECURITY] [DSA 4631-1] pillow security update
2020-02-21 20:22:04
ubuntu
ubuntu
Pillow vulnerabilities
2020-07-22 00:00:00
Pillow vulnerabilities
2020-07-23 00:00:00
Pillow vulnerabilities
2020-02-06 00:00:00
mageia
mageia
Updated python-pillow packages fix security vulnerabilities
2020-11-23 22:51:37
Updated python-pillow packages fix security vulnerabilities
2020-02-18 17:05:53
fedora
fedora
[SECURITY] Fedora 32 Update: python-pillow-7.0.0-4.fc32
2020-07-04 01:14:29
[SECURITY] Fedora 31 Update: python-pillow-6.2.2-3.fc31
2020-07-10 01:02:19
[SECURITY] Fedora 31 Update: python-pillow-6.2.2-1.fc31
2020-01-31 02:02:49
freebsd
freebsd
Pillow -- Multiple vulnerabilities
2019-12-19 00:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2021-1957
2021-07-02 18:03:40