Описание
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 5.1.0-1ubuntu0.7 |
| devel | not-affected | 8.1.2+dfsg-0.3 |
| esm-infra-legacy/trusty | not-affected | 2.3.0-1ubuntu3.4+esm3 |
| esm-infra/bionic | not-affected | 5.1.0-1ubuntu0.7 |
| esm-infra/focal | not-affected | 7.0.0-4ubuntu0.5 |
| esm-infra/xenial | released | 3.1.2-0ubuntu1.6+esm1 |
| focal | released | 7.0.0-4ubuntu0.5 |
| groovy | ignored | end of life |
| hirsute | released | 8.1.2-1ubuntu0.2 |
| impish | not-affected | 8.1.2+dfsg-0.3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/focal | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1. ...
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3