0.015 Low
EPSS
Percentile
86.9%
Pillow is vulnerable to integer overflow. A malicious user can pass an image file to the application to cause an integer overflow when resampling it. This can result in a heap-based buffer overflow that can have multiple impacts.
bugzilla.novell.com/show_bug.cgi?id=975500
github.com/python-pillow/Pillow/commit/4e0d9b0b9740d258ade40cce248c93777362ac1e
github.com/python-pillow/Pillow/pull/1711
github.com/python-pillow/Pillow/pull/1714