2 matches found
Denial Of Service (DoS)
Pillow is vulnerable to denial of service DoS attacks. The vulnerability is due to improper handling of the SAMPLESPERPIXEL tag in TiffImagePlugin.py, causing large values to lead to memory exhaustion...
Pillow subject to DoS via SAMPLESPERPIXEL tag
Pillow starting with 9.2.0 and prior to 9.3.0 allows denial of service via SAMPLESPERPIXEL. A large value in the SAMPLESPERPIXEL tag could lead to a memory and runtime DOS in TiffImagePlugin.py when setting up the context for image decoding. This issue has been patched in version 9.3.0...