Lucene search

Uncontrolled Resource Consumption in Pillow

🗓️ 08 Jun 2021 18:36:49Reported by GitHub Advisory DatabaseType

Uncontrolled resource consumption in Pillow due to EPS data handlin

Reporter	Title	Published	Views	Family All 76
RedhatCVE	CVE-2021-28677	11 May 202120:55	–	redhatcve
Veracode	Denial Of Service (DoS)	10 May 202106:30	–	veracode
OSV	PYSEC-2021-93	2 Jun 202116:15	–	osv
OSV	CVE-2021-28677	2 Jun 202116:15	–	osv
OSV	BIT-pillow-2021-28677	6 Mar 202411:03	–	osv
OSV	Uncontrolled Resource Consumption in Pillow	8 Jun 202118:49	–	osv
OSV	pillow - security update	22 Jul 202100:00	–	osv
OSV	pillow vulnerabilities	19 May 202113:54	–	osv
OSV	Moderate: python-pillow security update	9 Nov 202108:24	–	osv
OSV	Moderate: python-pillow security update	9 Nov 202108:24	–	osv

Vulners

Node

python pillowRange<8.2.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-28677
github	www.github.com/python-pillow/Pillow/pull/5377
pillow	www.pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html
security	www.security.gentoo.org/glsa/202107-33
lists	www.lists.debian.org/debian-lts-announce/2021/07/msg00018.html
github	www.github.com/python-pillow/Pillow/commit/5a5e6db0abf4e7a638fb1b3408c4e495a096cb92
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL
github	www.github.com/advisories/GHSA-q5hq-fp76-qmrc
github	www.github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2021-93.yaml

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Jun 2021 18:49Current

1.9Low risk

Vulners AI Score1.9

CVSS25

CVSS37.5

EPSS0.00444

CWE-400