Rapid7 Vulnerability & Exploit Database

Huawei EulerOS: CVE-2019-16865: python-pillow security update

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Huawei EulerOS: CVE-2019-16865: python-pillow security update

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

10/04/2019

Created

09/28/2020

Added

09/28/2020

Modified

09/28/2020

Description

An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.

Solution(s)

huawei-euleros-2_0_sp3-upgrade-python-pillow

References

https://attackerkb.com/topics/cve-2019-16865
CVE - 2019-16865
DSA-4631
EulerOS-SA-2020-2080
RHSA-2020:0566
RHSA-2020:0578
RHSA-2020:0580
RHSA-2020:0681
RHSA-2020:0683
RHSA-2020:0694

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Huawei EulerOS: CVE-2019-16865: python-pillow security update

Huawei EulerOS: CVE-2019-16865: python-pillow security update

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.