vulnerability
CentOS Linux: CVE-2022-22817: Important: python-pillow security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jan 10, 2022 | Feb 23, 2022 | Dec 12, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 10, 2022
Added
Feb 23, 2022
Modified
Dec 12, 2023
Description
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.
Solution(s)
centos-upgrade-python-pillowcentos-upgrade-python-pillow-debuginfocentos-upgrade-python-pillow-debugsourcecentos-upgrade-python-pillow-develcentos-upgrade-python-pillow-doccentos-upgrade-python-pillow-qtcentos-upgrade-python-pillow-sanecentos-upgrade-python-pillow-tkcentos-upgrade-python3-pillowcentos-upgrade-python3-pillow-debuginfocentos-upgrade-python3-pillow-tk-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.