CVE-2014-3589

Опубликовано: 25 авг. 2014

Источник: debian

EPSS Низкий

Описание

PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pillow	fixed	2.5.3-1		package
python-imaging	removed			package
python-imaging	fixed	1.1.7-2+deb6u1	squeeze	package

Примечания

https://github.com/python-pillow/Pillow/commit/205e056f8f9b06ed7b925cf8aa0874bc4aaf8a7d

EPSS

Процентиль: 74%

0.00808

Низкий

Связанные уязвимости

CVE-2014-3589

ubuntu

больше 11 лет назад

PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.

CVE-2014-3589

redhat

больше 11 лет назад

PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.

CVE-2014-3589

nvd

больше 11 лет назад

PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.

GHSA-cfmr-38g9-f2h7

CVSS3: 7.5

github

больше 3 лет назад

Pillow denial of service via Crafted Block Size

EPSS

Процентиль: 74%

0.00808

Низкий