Описание
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.6.2 (включая)
cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01207
Низкий
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
ubuntu
около 11 лет назад
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
redhat
около 11 лет назад
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
debian
около 11 лет назад
Pillow before 2.7.0 allows remote attackers to cause a denial of servi ...
EPSS
Процентиль: 79%
0.01207
Низкий
5 Medium
CVSS2
Дефекты
CWE-20