[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250053

 
 

909

 
 

195940

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2-2024-2444 --- python-pillow

ID: oval:org.secpod.oval:def:1702097Date: (C)2024-02-28   (M)2024-04-03
Class: PATCHFamily: unix




Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817

Platform:
Amazon Linux 2
Product:
python-pillow
Reference:
ALAS2-2024-2444
CVE-2023-50447
CVE    1
CVE-2023-50447
CPE    2
cpe:/a:python:python-pillow
cpe:/o:amazon:linux:2

© SecPod Technologies