vulnerability
Ubuntu: (Multiple Advisories) (CVE-2022-22817): Pillow vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jan 10, 2022 | Jan 14, 2022 | Nov 15, 2024 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 10, 2022
Added
Jan 14, 2022
Modified
Nov 15, 2024
Description
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.
Solutions
ubuntu-pro-upgrade-python-pilubuntu-pro-upgrade-python3-pil
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.