Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-27922

Опубликовано: 03 мар. 2021
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*
Версия до 8.1.1 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

EPSS

Процентиль: 35%
0.00145
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2021-27922

CVSS3: 7.5
ubuntu
почти 5 лет назад

Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

redhat логотип

CVE-2021-27922

CVSS3: 7.5
redhat
почти 5 лет назад

Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

debian логотип

CVE-2021-27922

CVSS3: 7.5
debian
почти 5 лет назад

Pillow before 8.1.2 allows attackers to cause a denial of service (mem ...

github логотип

GHSA-3wvg-mj6g-m9cv

CVSS3: 7.5
github
почти 5 лет назад

Pillow Uncontrolled Resource Consumption

suse-cvrf логотип

SUSE-SU-2024:1673-2

suse-cvrf
больше 1 года назад

Security update for python-Pillow

EPSS

Процентиль: 35%
0.00145
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20