Linux Distros Unpatched Vulnerability : CVE-2023-50447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was...

pillow: Arbitrary Code Execution via the environment parameter

A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...

CVE-2023-50447

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter...

UBUNTU-CVE-2023-50447

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter...

RHEL 7 : python-pillow (RHSA-2022:0609)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0609 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

PYSEC-2022-10

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method...