Описание
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.
Ссылки
- Patch
- Vendor Advisory
- Mailing ListPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.3.0 (включая) до 12.1.1 (исключая)
cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00018
Низкий
7.5 High
CVSS3
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 1 месяца назад
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.
CVSS3: 7.3
redhat
около 1 месяца назад
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.
CVSS3: 7.5
debian
около 1 месяца назад
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n ou ...
github
около 1 месяца назад
Pillow affected by out-of-bounds write when loading PSD images
EPSS
Процентиль: 5%
0.00018
Низкий
7.5 High
CVSS3
Дефекты
CWE-787