An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.

References

pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html

security.gentoo.org/glsa/202107-33

redhatcve 1

veracode 1

prion 1

nvd 1

cve 1

ubuntucve 1

debiancve 1

osv 10

github 1

cnvd 1

alpinelinux 1

openvas 13

nessus 17

ubuntu 1

fedora 5

kitploit 1

suse 1

rocky 1

gentoo 1

almalinux 1

redhat 2

rosalinux 1

redhatcve

CVE-2021-25292

2021-03-03 17:39:55

veracode

Regular Expression Denial-of-Service (ReDoS)

2021-03-04 02:17:19

prion

Design/Logic Flaw

2021-03-19 04:15:00

nvd

CVE-2021-25292

2021-03-19 04:15:13

cve

CVE-2021-25292

2021-03-19 04:15:13

ubuntucve

CVE-2021-25292

2021-03-03 00:00:00

debiancve

CVE-2021-25292

2021-03-19 04:15:13

osv

BIT-pillow-2021-25292

2024-03-06 11:04:34

CVE-2021-25292

2021-03-19 04:15:13

Regular Expression Denial of Service (ReDoS) in Pillow

2021-03-29 16:35:46

github

Regular Expression Denial of Service (ReDoS) in Pillow

2021-03-29 16:35:46

cnvd

Pillow has an unspecified vulnerability (CNVD-2021-54034)

2021-03-15 00:00:00

alpinelinux

CVE-2021-25292

2021-03-19 04:15:13

openvas

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2481)

2021-09-24 00:00:00

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2775)

2021-11-17 00:00:00

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2731)

2021-11-17 00:00:00

nessus

EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-2481)

2021-09-24 00:00:00

EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2021-2731)

2021-11-17 00:00:00

EulerOS Virtualization 2.9.0 : python-pillow (EulerOS-SA-2021-2775)

2021-11-17 00:00:00

ubuntu

Pillow vulnerabilities

2021-03-11 00:00:00

fedora

[SECURITY] Fedora 32 Update: python-pillow-7.0.0-7.fc32

2021-03-15 01:08:24

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-5.fc33

2021-03-15 01:20:06

[SECURITY] Fedora 33 Update: mingw-python-pillow-7.2.0-5.fc33

2021-03-15 01:20:06

kitploit

Regexploit - Find Regular Expressions Which Are Vulnerable To ReDoS (Regular Expression Denial Of Service)

2021-07-20 12:30:00

suse

Security update for python-CairoSVG, python-Pillow (moderate)

2021-08-10 00:00:00

rocky

python-pillow security update

2021-11-09 08:24:34

gentoo

Pillow: Multiple vulnerabilities

2021-07-14 00:00:00

almalinux

Moderate: python-pillow security update

2021-11-09 08:24:34

redhat

(RHSA-2021:4149) Moderate: python-pillow security update

2021-11-09 08:24:34

(RHSA-2021:3917) Important: Red Hat Quay v3.6.0 security, bug fix and enhancement update

2021-10-19 12:05:33

rosalinux

Advisory ROSA-SA-2021-1957

2021-07-02 18:03:40

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

44.0%

JSON

Related for CVELIST:CVE-2021-25292