vulnerability
FreeBSD: VID-0519db18-cf15-11e5-805c-5453ed2e2b49: py-pillow -- Integer overflow in Resample.c
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:N/C:N/I:C/A:C) | Feb 9, 2016 | Feb 12, 2016 | Dec 10, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:C)
Published
Feb 9, 2016
Added
Feb 12, 2016
Modified
Dec 10, 2025
Description
The Pillow maintainers report: If a large value was passed into the new size for an image, it is possible to overflow an int32 value passed into malloc, leading the malloc’d buffer to be undersized. These allocations are followed by a loop that writes out of bounds. This can lead to corruption on the heap of the Python process with attacker controlled float data. This issue was found by Ned Williamson.
Solutions
freebsd-upgrade-package-py27-pillowfreebsd-upgrade-package-py33-pillowfreebsd-upgrade-package-py34-pillowfreebsd-upgrade-package-py35-pillow
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.