vulnerability
SUSE: CVE-2021-23437: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Sep 3, 2021 | Aug 9, 2024 | Aug 9, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Sep 3, 2021
Added
Aug 9, 2024
Modified
Aug 9, 2024
Description
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
Solutions
suse-upgrade-python3-pillowsuse-upgrade-python3-pillow-tk
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.