CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50447 – pillow: Arbitrary Code Execution via the environment parameter
https://notcve.org/view.php?id=CVE-2023-50447
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). Pillow hasta la versión 10.1.0 permite la ejecución de código arbitrario PIL.ImageMath.eval a través del parámetro de entorno, una vulnerabilidad diferente a CVE-2022-22817 (que se refería al parámetro de expresión). A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter. • http://www.openwall.com/lists/oss-security/2024/01/20/1 https://devhub.checkmarx.com/cve-details/CVE-2023-50447 https://duartecsantos.github.io/2024-01-02-CVE-2023-50447 https://github.com/python-pillow/Pillow/releases https://lists.debian.org/debian-lts-announce/2024/01/msg00019.html https://access.redhat.com/security/cve/CVE-2023-50447 https://bugzilla.redhat.com/show_bug.cgi?id=2259479 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44271 – python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument
https://notcve.org/view.php?id=CVE-2023-44271
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. Se descubrió un problema en Pillow antes de la versión 10.0.0. Es una Denegación de Servicio que asigna memoria de forma incontrolable para procesar una tarea determinada, lo que puede provocar que un servicio falle al quedarse sin memoria. • https://devhub.checkmarx.com/cve-details/CVE-2023-44271 https://github.com/python-pillow/Pillow/commit/1fe1bb49c452b0318cad12ea9d97c3bef188e9a7 https://github.com/python-pillow/Pillow/pull/7244 https://lists.debian.org/debian-lts-announce/2024/03/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N2JOEDUJDQLCUII2LQYZYSM7RJL2I3P4 https://access.redhat.com/security/cve/CVE-2023-44271 https://bugzilla.redhat.com/show_bug.cgi?id=2247820 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45198
https://notcve.org/view.php?id=CVE-2022-45198
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). Pillow anterior a 9.2.0 realiza un manejo inadecuado de datos GIF altamente comprimidos (amplificación de datos). • https://bugs.gentoo.org/855683 https://cwe.mitre.org/data/definitions/409.html https://github.com/python-pillow/Pillow/commit/11918eac0628ec8ac0812670d9838361ead2d6a4 https://github.com/python-pillow/Pillow/pull/6402 https://github.com/python-pillow/Pillow/releases/tag/9.2.0 https://security.gentoo.org/glsa/202211-10 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45199
https://notcve.org/view.php?id=CVE-2022-45199
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. Pillow anterior a 9.3.0 permite la denegación de servicio a través de SAMPLESPERPIXEL. • https://bugs.gentoo.org/878769 https://github.com/python-pillow/Pillow/commit/2444cddab2f83f28687c7c20871574acbb6dbcf3 https://github.com/python-pillow/Pillow/pull/6700 https://github.com/python-pillow/Pillow/releases/tag/9.3.0 https://security.gentoo.org/glsa/202211-10 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-24303
https://notcve.org/view.php?id=CVE-2022-24303
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. Pillow versiones anteriores a 9.0.1, permite a atacantes eliminar archivos porque los espacios en los nombres de rutas temporales son manejados inapropiadamente • https://github.com/python-pillow/Pillow/pull/3450 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W4ZUXPKEX72O3E5IHBPVY5ZCPMJ4GHHV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XR6UP2XONXOVXI4446VY72R63YRO2YTP https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security https://security.gentoo.org/glsa/202211-10 •