vulnerability

Oracle Linux: CVE-2019-16865: ELSA-2020-0578: python-pillow security update (IMPORTANT) (Multiple Advisories)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Oct 4, 2019
Added
Oct 5, 2022
Modified
Jan 7, 2025

Description

An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a long time while processing specially crafted image files, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to this flaw.

Solution(s)

oracle-linux-upgrade-python3-pilloworacle-linux-upgrade-python-pilloworacle-linux-upgrade-python-pillow-develoracle-linux-upgrade-python-pillow-docoracle-linux-upgrade-python-pillow-qtoracle-linux-upgrade-python-pillow-saneoracle-linux-upgrade-python-pillow-tk
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.