Lucene search
China National Vulnerability DatabaseCNVD-2022-66671HistoryJun 07, 2022 - 12:00 a.m.
Pillow Buffer Overflow Vulnerability (CNVD-2022-66671)
2022-06-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
pillow library
buffer overflow
vulnerability
python
tga files
remote attacker
heap-based overflow
arbitrary code
cnvd-2022-66671
EPSS
0.002
Percentile
54.1%
Pillow, a Python-based image processing library, is vulnerable to a buffer overflow vulnerability in Pillow version 9.1.0, which stems from a boundary error when processing TGA files. A remote attacker could exploit this vulnerability to pass specially designed data to the application, trigger a heap-based buffer overflow, and execute arbitrary code on the target system.
Related
alpinelinux
alpinelinux
CVE-2022-30595
2022-05-25 12:15:08
veracode
veracode
Heap-based Buffer Overflow
2022-05-26 08:26:25
osv
osv
CVE-2022-30595
2022-05-25 12:15:08
python310-Pillow-9.1.1-1.1 on GA media
2024-06-15 00:00:00
BIT-pillow-2022-30595
2024-03-06 11:02:11
cve
cve
CVE-2022-30595
2022-05-25 12:15:08
debiancve
debiancve
CVE-2022-30595
2022-05-25 12:15:08
ubuntucve
ubuntucve
CVE-2022-30595
2022-05-25 00:00:00
github
github
Buffer over-flow in Pillow
2022-05-26 00:01:27
redhatcve
redhatcve
CVE-2022-30595
2022-05-18 22:30:33
prion
prion
Heap overflow
2022-05-25 12:15:00
cvelist
cvelist
CVE-2022-30595
2022-05-25 11:46:45
nvd
nvd
CVE-2022-30595
2022-05-25 12:15:08
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0164)
2023-05-17 00:00:00
mageia
mageia
Updated python-pillow packages fix security vulnerability
2023-05-16 22:17:40