The vulnerability of the Pillow image processing library, related to uncontrolled resource consumption, allows a hacker to perform a type of “denial-of-service” attack.

The vulnerability of the Pillow image-processing library lies in the fact that the application does not properly control the consumption of internal resources in TiffImagePlugin.py during the context setting for image decoding. Exploiting this vulnerability allows a remote attacker to trigger...

PT-2022-6570 · Pypi +2 · Pillow +2

Name of the Vulnerable Software and Affected Versions: Pillow versions 9.2.0 through 9.2.x and prior to 9.3.0 can be simplified to: Pillow versions 9.2.0 through 9.3.0, but since 9.3.0 is the fixed version, the correct representation is: Pillow versions prior to 9.3.0 Description: The issue is...