Wiredfool

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 7.1.0 Pillow versions 7.x prior to 7.0.1 Pillow version 6.2.3 and earlier **Description** An out-of-bounds read can occur when reading PCX files where `state->shuffle` is instructed to read beyond `state->buffer` in the `libImaging/PcxDecode.c` file. **Recommendations** For Pillow versions prior to 7.1.0, update to version 7.1.0 or later to resolve the issue. For Pillow versions 7.x prior to 7.0.1, update to version 7.0.1 or later to resolve the issue. For Pillow version 6.2.3 and earlier, update to a version later than 6.2.3 to resolve the issue. As a temporary workaround, consider restricting the use of PCX files until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 3.3.2 **Description** The issue allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the `Image.core.map buffer` in `map.c` component. **Recommendations** For Pillow versions prior to 3.3.2, update to version 3.3.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted image files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 3.3.2 **Description** The issue allows context-dependent attackers to execute arbitrary code by using a crafted image file, related to an Insecure Sign Extension issue affecting the ImagingNew in Storage.c component. **Recommendations** For versions prior to 3.3.2, update to version 3.3.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 3.1.1 **Description** The issue is related to a buffer overflow in the `ImagingFliDecode` function, which can be exploited by remote attackers to cause a denial of service (crash) via a crafted FLI file. **Recommendations** For Pillow versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the `ImagingFliDecode` function until a patch is applied. Restrict access to FLI files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 3.1.1 **Description** The issue allows remote attackers to overwrite memory via a crafted TIFF file, exploiting a buffer overflow in the `ImagingLibTiffDecode` function in `libImaging/TiffDecode.c`. **Recommendations** For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue. As a temporary workaround, consider restricting the processing of TIFF files until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 2.7.0 **Description** The issue allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed. **Recommendations** For versions prior to 2.7.0, update to version 2.7.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 2.3.1 Python Image Library (PIL) versions 1.1.7 and earlier **Description** The issue concerns the improper creation of temporary files by certain functions in Python Image Library (PIL) and Pillow, allowing local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file. The affected functions include `load djpeg` in `JpegImagePlugin.py`, `Ghostscript` in `EpsImagePlugin.py`, `load` in `IptcImagePlugin.py`, and ` copy` in `Image.py`. There is also a potential for remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. **Recommendations** For Pillow versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. For Python Image Library (PIL) versions 1.1.7 and earlier, consider migrating to Pillow version 2.3.1 or later, as PIL is no longer maintained. As a temporary workaround, consider restricting access to the affected functions, such as `load djpeg`, `Ghostscript`, `load`, and ` copy`, until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Pillow versions prior to 2.3.1 Python Image Library (PIL) versions 1.1.7 and earlier **Description** The issue in the JpegImagePlugin.py and EpsImagePlugin.py scripts makes it easier for local users to conduct symlink attacks by listing the processes. This is due to the scripts using the names of temporary files on the command line. **Recommendations** For Pillow versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. For Python Image Library (PIL) versions 1.1.7 and earlier, consider upgrading to Pillow, as PIL is no longer maintained, and then update to version 2.3.1 or later.