
Debian Pillow vulnerabilities

55 known vulnerabilities affecting debian/pillow.

Total CVEs: 55
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 8, HIGH 20, MEDIUM 17, LOW 10

Vulnerabilities

Page 2 of 3
CVE-2021-23437 | HIGH | CVSS 7.5 | fixed in pillow 8.3.2-1 (bookworm) | 2021 | debian
[HIGH] pillow - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
Scope: local. bookworm: resolved (fixed in 8.3.2-1); bullseye: resolved (fixed in 8.1.2+dfsg-0.3+deb11u3); forky: resolved (fixed in 8.3.2-1); sid: resolved (fixed in 8.3.2-1); trixie: resolved (fixed in 8.3.2-1)

CVE-2021-25291 | HIGH | CVSS 7.5 | fixed in pillow 8.1.1-1 (bookworm) | 2021 | debian
[HIGH] pillow - An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.
Scope: local. bookworm: resolved (fixed in 8.1.1-1); bullseye: resolved (fixed in 8.1.1-1); forky: resolved (fixed in 8.1.1-1); sid: resolved (fixed in 8.1.1-1); trixie: resolved (fixed in 8.1.1-1)

CVE-2021-28677 | HIGH | CVSS 7.5 | fixed in pillow 8.1.2+dfsg-0.2 (bookworm) | 2021 | debian
[HIGH] pillow - An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image w

CVE-2021-25292 | MEDIUM | CVSS 6.5 | fixed in pillow 8.1.1-1 (bookworm) | 2021 | debian
[MEDIUM] pillow - An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.
Scope: local. bookworm: resolved (fixed in 8.1.1-1); bullseye: resolved (fixed in 8.1.1-1); forky: resolved (fixed in 8.1.1-1); sid: resolved (fixed in 8.1.1-1); trixie: resolved (fixed in 8.1.

CVE-2021-28675 | MEDIUM | CVSS 5.5 | fixed in pillow 8.1.2+dfsg-0.2 (bookworm) | 2021 | debian
[MEDIUM] pillow - An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.
Scope: local. bookworm: resolved (fixed in 8.1.2+dfsg-0.2); bullseye: resolved (fixed in 8.1.2+dfsg-0.2); forky: resolved (fixed in 8.1.2+dfsg

CVE-2021-28678 | MEDIUM | CVSS 5.5 | fixed in pillow 8.1.2+dfsg-0.2 (bookworm) | 2021 | debian
[MEDIUM] pillow - An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.
Scope: local. bookworm: resolved (fixed in 8.1.2+dfsg-0.2); bullseye: resolved (fixed in 8.1.2+dfsg-0.2); forky: reso

CVE-2021-25287 | LOW | CVSS 9.1 | fixed in pillow 8.1.2+dfsg-0.2 (bookworm) | 2021 | debian
[CRITICAL] pillow - An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.
Scope: local. bookworm: resolved (fixed in 8.1.2+dfsg-0.2); bullseye: resolved (fixed in 8.1.2+dfsg-0.2); forky: resolved (fixed in 8.1.2+dfsg-0.2); sid: resolved (fixed in 8.1.2+dfsg-0.2); trixie: resolved (fixed in 8.1.2+dfsg-0.2)

CVE-2021-25288 | LOW | CVSS 9.1 | fixed in pillow 8.1.2+dfsg-0.2 (bookworm) | 2021 | debian
[CRITICAL] pillow - An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.
Scope: local. bookworm: resolved (fixed in 8.1.2+dfsg-0.2); bullseye: resolved (fixed in 8.1.2+dfsg-0.2); forky: resolved (fixed in 8.1.2+dfsg-0.2); sid: resolved (fixed in 8.1.2+dfsg-0.2); trixie: resolved (fixed in 8.1.2+dfsg-0.2)

CVE-2020-5312 | CRITICAL | CVSS 9.8 | fixed in pillow 7.0.0-1 (bookworm) | 2020 | debian
[CRITICAL] pillow - libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
Scope: local. bookworm: resolved (fixed in 7.0.0-1); bullseye: resolved (fixed in 7.0.0-1); forky: resolved (fixed in 7.0.0-1); sid: resolved (fixed in 7.0.0-1); trixie: resolved (fixed in 7.0.0-1)

CVE-2020-5311 | CRITICAL | CVSS 9.8 | fixed in pillow 7.0.0-1 (bookworm) | 2020 | debian
[CRITICAL] pillow - libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
Scope: local. bookworm: resolved (fixed in 7.0.0-1); bullseye: resolved (fixed in 7.0.0-1); forky: resolved (fixed in 7.0.0-1); sid: resolved (fixed in 7.0.0-1); trixie: resolved (fixed in 7.0.0-1)

CVE-2020-35654 | HIGH | CVSS 8.8 | fixed in pillow 8.1.0-1 (bookworm) | 2020 | debian
[HIGH] pillow - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
Scope: local. bookworm: resolved (fixed in 8.1.0-1); bullseye: resolved (fixed in 8.1.0-1); forky: resolved (fixed in 8.1.0-1); sid: resolved (fixed in 8.1.0-1); trixie: resolved (fixed in 8.1.0-1)

CVE-2020-35653 | HIGH | CVSS 7.1 | fixed in pillow 8.1.0-1 (bookworm) | 2020 | debian
[HIGH] pillow - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.
Scope: local. bookworm: resolved (fixed in 8.1.0-1); bullseye: resolved (fixed in 8.1.0-1); forky: resolved (fixed in 8.1.0-1); sid: resolved (fixed in 8.1.0-1); trixie: resolved (fixed in 8.1.0-1)

CVE-2020-5310 | HIGH | CVSS 8.8 | fixed in pillow 7.0.0-1 (bookworm) | 2020 | debian
[HIGH] pillow - libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
Scope: local. bookworm: resolved (fixed in 7.0.0-1); bullseye: resolved (fixed in 7.0.0-1); forky: resolved (fixed in 7.0.0-1); sid: resolved (fixed in 7.0.0-1); trixie: resolved (fixed in 7.0.0-1)

CVE-2020-5313 | HIGH | CVSS 7.1 | fixed in pillow 7.0.0-1 (bookworm) | 2020 | debian
[HIGH] pillow - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
Scope: local. bookworm: resolved (fixed in 7.0.0-1); bullseye: resolved (fixed in 7.0.0-1); forky: resolved (fixed in 7.0.0-1); sid: resolved (fixed in 7.0.0-1); trixie: resolved (fixed in 7.0.0-1)

CVE-2020-10379 | HIGH | CVSS 7.8 | fixed in pillow 7.2.0-1 (bookworm) | 2020 | debian
[HIGH] pillow - In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
Scope: local. bookworm: resolved (fixed in 7.2.0-1); bullseye: resolved (fixed in 7.2.0-1); forky: resolved (fixed in 7.2.0-1); sid: resolved (fixed in 7.2.0-1); trixie: resolved (fixed in 7.2.0-1)

CVE-2020-35655 | MEDIUM | CVSS 5.4 | fixed in pillow 8.1.0-1 (bookworm) | 2020 | debian
[MEDIUM] pillow - In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
Scope: local. bookworm: resolved (fixed in 8.1.0-1); bullseye: resolved (fixed in 8.1.0-1); forky: resolved (fixed in 8.1.0-1); sid: resolved (fixed in 8.1.0-1); trixie: resolved (fixed in 8.1.0-1)

CVE-2020-10177 | MEDIUM | CVSS 5.5 | fixed in pillow 7.2.0-1 (bookworm) | 2020 | debian
[MEDIUM] pillow - Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.
Scope: local. bookworm: resolved (fixed in 7.2.0-1); bullseye: resolved (fixed in 7.2.0-1); forky: resolved (fixed in 7.2.0-1); sid: resolved (fixed in 7.2.0-1); trixie: resolved (fixed in 7.2.0-1)

CVE-2020-10378 | MEDIUM | CVSS 5.5 | fixed in pillow 7.2.0-1 (bookworm) | 2020 | debian
[MEDIUM] pillow - In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
Scope: local. bookworm: resolved (fixed in 7.2.0-1); bullseye: resolved (fixed in 7.2.0-1); forky: resolved (fixed in 7.2.0-1); sid: resolved (fixed in 7.2.0-1); trixie: resolved (fixed in 7.2.0-1)

CVE-2020-11538 | LOW | CVSS 8.1 | fixed in pillow 7.2.0-1 (bookworm) | 2020 | debian
[HIGH] pillow - In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
Scope: local. bookworm: resolved (fixed in 7.2.0-1); bullseye: resolved (fixed in 7.2.0-1); forky: resolved (fixed in 7.2.0-1); sid: resolved (fixed in 7.2.0-1); trixie: resolved (fixed in 7.2.0-1)

CVE-2020-10994 | LOW | CVSS 5.5 | fixed in pillow 7.2.0-1 (bookworm) | 2020 | debian
[MEDIUM] pillow - In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.
Scope: local. bookworm: resolved (fixed in 7.2.0-1); bullseye: resolved (fixed in 7.2.0-1); forky: resolved (fixed in 7.2.0-1); sid: resolved (fixed in 7.2.0-1); trixie: resolved (fixed in 7.2.0-1)