Security Advisory Description
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). (CVE-2023-50447)
Impact
There is no impact; F5 products are not affected by this vulnerability.
AI Score
Confidence
EPSS
Percentile
73.5%