CVE-2014-3598

Опубликовано: 01 сент. 2014

Источник: redhat

CVSS2: 4.3

Описание

The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.

Отчет

This issue did not affect the versions of python-imaging as shipped with Red Hat Enterprise Linux 5 and 6, and the versions of python-pillow as shipped with Red Hat Enterprise Linux 7, as they did not include the affected Jpeg2KImagePlugin module.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	python-imaging	Not affected
Red Hat Enterprise Linux 6	python-imaging	Not affected
Red Hat Enterprise Linux 7	python-pillow	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-835

https://bugzilla.redhat.com/show_bug.cgi?id=1163441python-pillow: Jpeg2KImagePlugin infinite loop DoS

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2014-3598

ubuntu

почти 11 лет назад

The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.

CVE-2014-3598

nvd

почти 11 лет назад

The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.

CVE-2014-3598

debian

почти 11 лет назад

The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote atta ...

GHSA-j6f7-g425-4gmx

CVSS3: 7.5

github

больше 3 лет назад

Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin

4.3 Medium

CVSS2