Описание
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted Jpeg2000 file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | python-imaging | Not affected | ||
| Red Hat Enterprise Linux 6 | python-imaging | Not affected | ||
| Red Hat Enterprise Linux 7 | python-pillow | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-190->CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1321929python-pillow: buffer overflow in Jpeg2kEncode.c
EPSS
Процентиль: 63%
0.00457
Низкий
5.1 Medium
CVSS2
Связанные уязвимости
CVSS3: 5.5
ubuntu
почти 9 лет назад
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted Jpeg2000 file.
CVSS3: 5.5
nvd
почти 9 лет назад
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted Jpeg2000 file.
CVSS3: 5.5
debian
почти 9 лет назад
Heap-based buffer overflow in the j2k_encode_entry function in Pillow ...
EPSS
Процентиль: 63%
0.00457
Низкий
5.1 Medium
CVSS2