9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.3%
A vulnerability in the Python Pillow image library is related to buffer re-reading during the
ImagePath.Path initialization in the path_getbbox() function in path.c. Exploitation of the vulnerability could allow
an attacker acting remotely to pass a specially crafted file to a vulnerable library and read the
the contents of memory on the system
The vulnerability in the Python Pillow image library is related to an input validation error in the processing of
directory traversal sequences in path_getbbox() in path.c. Exploitation of the vulnerability could
allow an attacker acting remotely to send a specially crafted HTTP request and read
arbitrary files on the system
A vulnerability in the Python Pillow image library is related to the misuse of the function
PIL.ImageMath.eval() for arbitrary expressions. Exploitation of the vulnerability could allow an attacker,
acting remotely, to pass a specially crafted file to the library and execute arbitrary code on the
system
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | python3-pillow | <= 8.1.2-1 | UNKNOWN |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.3%