Lucene search
GoogleOSV:GHSA-RWR3-C2Q8-GM56HistoryJul 24, 2018 - 8:08 p.m.
Pillow Integer overflow in Map.c
2018-07-2420:08:27
Google
osv.dev
11
EPSS
0.001
Percentile
41.5%
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the “crafted image file” approach, related to an “Integer Overflow” issue affecting the Image.core.map_buffer in map.c component.
References
pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
www.debian.org/security/2016/dsa-3710
www.securityfocus.com/bid/94234
github.com/advisories/GHSA-rwr3-c2q8-gm56
github.com/python-pillow/Pillow
github.com/python-pillow/Pillow/issues/2105
github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f
nvd.nist.gov/vuln/detail/CVE-2016-9189
security.gentoo.org/glsa/201612-52
Related
redhatcve
redhatcve
CVE-2016-9189
2016-11-07 09:47:15
nessus
nessus
Amazon Linux 2 : python-pillow (ALAS-2024-2413)
2024-01-09 00:00:00
Debian DSA-3710-1 : pillow - security update
2016-11-11 00:00:00
prion
prion
Integer overflow
2016-11-04 10:59:00
amazon
amazon
Medium: python-pillow
2024-01-03 21:05:00
debiancve
debiancve
CVE-2016-9189
2016-11-04 10:59:09
nvd
nvd
CVE-2016-9189
2016-11-04 10:59:09
cvelist
cvelist
CVE-2016-9189
2016-11-04 10:00:00
cve
cve
CVE-2016-9189
2016-11-04 10:59:09
github
github
Pillow Integer overflow in Map.c
2018-07-24 20:08:27
ubuntucve
ubuntucve
CVE-2016-9189
2016-11-04 00:00:00
osv
osv
PYSEC-2016-8
2016-11-04 10:59:00
debian
debian
[SECURITY] [DSA 3710-1] pillow security update
2016-11-10 22:11:05
[SECURITY] [DLA 705-1] python-imaging security update
2016-11-07 16:15:12
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0383)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-705-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3710-1 (pillow - security update)
2016-11-10 00:00:00
freebsd
freebsd
Pillow -- multiple vulnerabilities
2016-09-06 00:00:00
mageia
mageia
Updated python-pillow packages fix security vulnerabilities
2016-11-17 19:37:05
ubuntu
ubuntu
Python Imaging Library vulnerabilities
2017-03-13 00:00:00
Pillow vulnerabilities
2017-03-13 00:00:00
gentoo
gentoo
Pillow: Multiple vulnerabilities
2016-12-31 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1957
2021-07-02 18:03:40