vulnerability
Amazon Linux AMI 2: CVE-2021-34552: Security patch for python-pillow (ALAS-2023-2083)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jul 13, 2021 | Jun 8, 2023 | Jun 8, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jul 13, 2021
Added
Jun 8, 2023
Modified
Jun 8, 2023
Description
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Solution(s)
amazon-linux-ami-2-upgrade-python-pillowamazon-linux-ami-2-upgrade-python-pillow-debuginfoamazon-linux-ami-2-upgrade-python-pillow-develamazon-linux-ami-2-upgrade-python-pillow-docamazon-linux-ami-2-upgrade-python-pillow-saneamazon-linux-ami-2-upgrade-python-pillow-tk

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.