It was discovered that Pillow incorrectly handled large glyph advance values in fonts. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2026-42308) It was discovered that Pillow incorrectly handled nested coordinate lists in certain APIs....

#Sicherheitslücke #DDoS

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

USN-8399-1: Pillow vulnerabilities

VERWANDTEARTIKEL

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

CVE-2026-43973 - gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

CVE-2026-43974 - gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

Check Point warnt vor aktiv ausgenutzter VPN-Schwachstelle

USN-8402-1: systemd vulnerabilities