vulnerability

CentOS Linux: CVE-2022-22817: Important: python-pillow security update (Multiple Advisories)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 10, 2022
Added
Feb 23, 2022
Modified
Dec 12, 2023

Description

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.

Solution(s)

centos-upgrade-python-pillowcentos-upgrade-python-pillow-debuginfocentos-upgrade-python-pillow-debugsourcecentos-upgrade-python-pillow-develcentos-upgrade-python-pillow-doccentos-upgrade-python-pillow-qtcentos-upgrade-python-pillow-sanecentos-upgrade-python-pillow-tkcentos-upgrade-python3-pillowcentos-upgrade-python3-pillow-debuginfocentos-upgrade-python3-pillow-tk-debuginfo
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.