CVE-2024-28219

Опубликовано: 03 апр. 2024

Источник: debian

EPSS Низкий

Описание

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

Пакет	Статус	Версия исправления	Релиз	Тип
pillow	fixed	10.3.0-1		package

https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security
https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061 (10.3.0)

EPSS

Процентиль: 28%

0.00095

Низкий

CVE-2024-28219

CVSS3: 6.7

ubuntu

около 1 года назад

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

CVE-2024-28219

CVSS3: 6.5

redhat

около 1 года назад

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

CVE-2024-28219

CVSS3: 6.7

nvd

около 1 года назад

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

SUSE-SU-2024:1258-1

suse-cvrf

около 1 года назад

Security update for python-Pillow

SUSE-SU-2024:1154-1

suse-cvrf

около 1 года назад

Security update for python-Pillow

EPSS

Процентиль: 28%

0.00095

Низкий