rpm package
suse/python-Pillow&distro=SUSE Package Hub 15 SP5
pkg:rpm/suse/python-Pillow&distro=SUSE%20Package%20Hub%2015%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-50447 | — | < 8.4.0-bp155.3.3.1 | 8.4.0-bp155.3.3.1 | Jan 19, 2024 | Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). | ||
| CVE-2022-45198 | — | < 8.4.0-bp155.3.9.1 | 8.4.0-bp155.3.9.1 | Nov 14, 2022 | Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). |
- CVE-2023-50447Jan 19, 2024affected < 8.4.0-bp155.3.3.1fixed 8.4.0-bp155.3.3.1
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
- CVE-2022-45198Nov 14, 2022affected < 8.4.0-bp155.3.9.1fixed 8.4.0-bp155.3.9.1
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).