Oval Definition:
oval:org.opensuse.security:def:202134552
Revision Date
:
2022-06-30
Version
:
1
Title
:
CVE-2021-34552
Description
:
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
Mitre CVE-2021-34552
SUSE CVE-2021-34552
SUSE-SU-2021:2595-1
SUSE-SU-2021:2631-1
SUSE-SU-2021:2632-1
openSUSE-SU-2021:1134-1
Platform(s)
:
openSUSE Leap 15.2
openSUSE Tumbleweed
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s)
:
Definition Synopsis
openSUSE Tumbleweed is installed
AND
Package Information
python36-Pillow-8.3.2-1.2 is installed
OR
python36-Pillow-tk-8.3.2-1.2 is installed
OR
python38-Pillow-8.3.2-1.2 is installed
OR
python38-Pillow-tk-8.3.2-1.2 is installed
OR
python39-Pillow-8.3.2-1.2 is installed
OR
python39-Pillow-tk-8.3.2-1.2 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed
AND
python-Pillow-2.8.1-4.25.1 is installed
Definition Synopsis
Release Information
SUSE OpenStack Cloud 8 is installed
OR
SUSE OpenStack Cloud Crowbar 8 is installed
AND
python-Pillow-4.2.1-3.17.1 is installed
Definition Synopsis
Release Information
SUSE OpenStack Cloud 9 is installed
OR
SUSE OpenStack Cloud Crowbar 9 is installed
AND
python-Pillow-5.2.0-3.11.1 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed
AND
Package Information
python3-CairoSVG-2.5.1-lp152.2.3.1 is installed
AND
python3-CairoSVG is signed with openSUSE key
OR
python3-Pillow-8.3.1-lp152.5.3.1 is installed
AND
python3-Pillow is signed with openSUSE key
OR
python3-Pillow-tk-8.3.1-lp152.5.3.1 is installed
AND
python3-Pillow-tk is signed with openSUSE key
BACK