SynopsisThe remote Oracle Linux host is missing a security update.
DescriptionFrom Red Hat Security Advisory 2020:3185 :
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3185 advisory.
- python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 (CVE-2020-11538)
- python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images (CVE-2020-5313)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpdate the affected python-pillow package.