Upgrade Microsoft.NETCore.App.Runtime.linux-arm to version 7.0.17, 8.0.3 or higher.

pillow-simd@4.2.1.post0 vulnerabilities

Python Imaging Library (Fork)

9.5.0.post2

9 years ago

4 months ago

Known vulnerabilities in the pillow-simd package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Insufficient Validation Pillow-SIMD is a forked from python-pillow/Pillow Pillow-SIMD is "following" Pillow. Pillow-SIMD versions are 100% compatible drop-in replacements for Pillow of the same version. Affected versions of this package are vulnerable to Insufficient Validation. In `TiffDecode.c`, there is a negative-offset memcpy with an invalid size. How to fix Insufficient Validation? Upgrade `Pillow-SIMD` to version 8.2.0.post0 or higher.	[,8.2.0.post0)
H Out-of-bounds Read Pillow-SIMD is a forked from python-pillow/Pillow Pillow-SIMD is "following" Pillow. Pillow-SIMD versions are 100% compatible drop-in replacements for Pillow of the same version. Affected versions of this package are vulnerable to Out-of-bounds Read due to invalid tile boundaries lead. How to fix Out-of-bounds Read? Upgrade `Pillow-SIMD` to version 8.2.0.post0 or higher.	[,8.2.0.post0)
H Regular Expression Denial of Service (ReDoS) Pillow-SIMD is a forked from python-pillow/Pillow Pillow-SIMD is "following" Pillow. Pillow-SIMD versions are 100% compatible drop-in replacements for Pillow of the same version. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via `next_object_id`. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `Pillow-SIMD` to version 8.2.0.post0 or higher.	[,8.2.0.post0)