vulnerability
CentOS Linux: CVE-2021-34552: Moderate: python-pillow security update (CESA-2021:4149)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jul 13, 2021 | Nov 10, 2021 | May 25, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jul 13, 2021
Added
Nov 10, 2021
Modified
May 25, 2023
Description
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Solutions
centos-upgrade-python-pillow-debuginfocentos-upgrade-python-pillow-debugsourcecentos-upgrade-python3-pillowcentos-upgrade-python3-pillow-debuginfocentos-upgrade-python3-pillow-tk-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.