
CVE-2023-50447 – pillow: Arbitrary Code Execution via the environment parameter
https://notcve.org/view.php?id=CVE-2023-50447
19 Jan 2024 — Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL... • http://www.openwall.com/lists/oss-security/2024/01/20/1 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection'); CWE-94: Improper Control of Generation of Code ('Code Injection'); CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •

CVE-2023-44271 – python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument
https://notcve.org/view.php?id=CVE-2023-44271
03 Nov 2023 — An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. ... • https://devhub.checkmarx.com/cve-details/CVE-2023-44271 • CWE-400: Uncontrolled Resource Consumption; CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2022-45198 – Ubuntu Security Notice USN-5777-1
https://notcve.org/view.php?id=CVE-2022-45198
14 Nov 2022 — Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. • https://bugs.gentoo.org/855683 •

CVE-2022-45199 – Gentoo Linux Security Advisory 202211-10
https://notcve.org/view.php?id=CVE-2022-45199
14 Nov 2022 — Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. Multiple vulnerabilities have been found in Pillow, the worst of which could result in arbitrary code execution. Versions less than 9.3.0 are affected. • https://bugs.gentoo.org/878769 • CWE-400: Uncontrolled Resource Consumption •

CVE-2022-24303 – Ubuntu Security Notice USN-5777-1
https://notcve.org/view.php?id=CVE-2022-24303
28 Mar 2022 — Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 ... • https://github.com/python-pillow/Pillow/pull/3450 •

CVE-2022-22815 – python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c
https://notcve.org/view.php?id=CVE-2022-22815
07 Jan 2022 — path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to improperly initializing the ImagePath. This flaw allows an attacker to access unauthorized memory that causes memory access errors, incorrect results, or crashes. USN-5227-1 fixed vul... • https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331 • CWE-665: Improper Initialization; CWE-909: Missing Initialization of Resource •

CVE-2022-22816 – python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c
https://notcve.org/view.php?id=CVE-2022-22816
07 Jan 2022 — path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to unauthorized memory access that ca... • https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331 • CWE-125: Out-of-bounds Read •

CVE-2022-22817 – python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions
https://notcve.org/view.php?id=CVE-2022-22817
07 Jan 2022 — PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used. A flaw was found in python-pillow. The vulnerability occurs due to Improper Neutralization, leading to command injection. • https://github.com/JawadPy/CVE-2022-22817-Exploit • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2021-34552 – python-pillow: Buffer overflow in image convert function
https://notcve.org/view.php?id=CVE-2021-34552
13 Jul 2021 — Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. A flaw was found in python-pillow. This flaw all... • https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer; CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2021-28678 – python-pillow: Excessive looping in BLP image reader
https://notcve.org/view.php?id=CVE-2021-28678
02 Jun 2021 — An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data. • https://github.com/python-pillow/Pillow/pull/5377 • CWE-20: Improper Input Validation; CWE-345: Insufficient Verification of Data Authenticity •