FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-15 08:21:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f947aa26-b2f9-11eb-a5f7-a0f3c100ae18	Pillow -- multiple vulnerabilities python-pillow reports: This release fixes several vulnerabilities found with `OSS-Fuzz`. `CVE-2021-25288`: Fix OOB read in Jpeg2KDecode. This dates to Pillow 2.4.0. `CVE-2021-28675`: Fix DOS in PsdImagePlugin. This dates to the PIL fork. `CVE-2021-28676`: Fix FLI DOS. This dates to the PIL fork. `CVE-2021-28677`: Fix EPS DOS on _open. This dates to the PIL fork. `CVE-2021-28678`: Fix BLP DOS. This dates to Pillow 5.1.0. Fix memory DOS in ImageFont. This dates to the PIL fork. Discovery 2021-04-01 Entry 2021-05-12 py38-pillow < 8.2.0 CVE-2021-25288 CVE-2021-28675 CVE-2021-28676 CVE-2021-28677 CVE-2021-28678

VuXML ID

Description

f947aa26-b2f9-11eb-a5f7-a0f3c100ae18

Pillow -- multiple vulnerabilities

python-pillow reports:

This release fixes several vulnerabilities found with `OSS-Fuzz`.

`CVE-2021-25288`: Fix OOB read in Jpeg2KDecode. This dates to Pillow 2.4.0.

`CVE-2021-28675`: Fix DOS in PsdImagePlugin. This dates to the PIL fork.

`CVE-2021-28676`: Fix FLI DOS. This dates to the PIL fork.

`CVE-2021-28677`: Fix EPS DOS on _open. This dates to the PIL fork.

`CVE-2021-28678`: Fix BLP DOS. This dates to Pillow 5.1.0.

Fix memory DOS in ImageFont. This dates to the PIL fork.

Discovery 2021-04-01
Entry 2021-05-12
py38-pillow

< 8.2.0

CVE-2021-25288
CVE-2021-28675
CVE-2021-28676
CVE-2021-28677
CVE-2021-28678