Lucene search
GoogleOSV:CVE-2021-27923HistoryMar 03, 2021 - 9:15 a.m.
CVE-2021-27923
2021-03-0309:15:14
Google
osv.dev
3
0.002 Low
EPSS
Percentile
64.4%
Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.
References
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G44Z33J4BNI2DPDROHWGVG2U7ZH5JU/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQQY6472RX4J2SUJENWDZAWKTJJGP2ML/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTSY25UJU7NJUFHH3HWT575LT4TDFWBZ/
pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
security.gentoo.org/glsa/202107-33
Related
redhatcve
redhatcve
CVE-2021-27923
2021-03-04 20:09:56
cvelist
cvelist
CVE-2021-27923
2021-03-03 08:41:40
veracode
veracode
Denial Of Service (DoS)
2021-03-04 02:24:08
prion
prion
Design/Logic Flaw
2021-03-03 09:15:00
osv
osv
PYSEC-2021-42
2021-03-03 09:15:00
Pillow Denial of Service by Uncontrolled Resource Consumption
2021-03-18 19:54:43
BIT-pillow-2021-27923
2024-03-06 11:03:53
github
github
Pillow Denial of Service by Uncontrolled Resource Consumption
2021-03-18 19:54:43
ubuntucve
ubuntucve
CVE-2021-27923
2021-03-03 00:00:00
alpinelinux
alpinelinux
CVE-2021-27923
2021-03-03 09:15:14
nvd
nvd
CVE-2021-27923
2021-03-03 09:15:14
cve
cve
CVE-2021-27923
2021-03-03 09:15:14
debiancve
debiancve
CVE-2021-27923
2021-03-03 09:15:14
openvas
openvas
Fedora: Security Advisory for python-pillow (FEDORA-2021-9016a9b7bd)
2021-03-20 00:00:00
Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-9016a9b7bd)
2021-03-20 00:00:00
Ubuntu: Security Advisory (USN-4763-1)
2021-03-12 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: python-pillow-8.1.2-1.fc34
2021-03-19 20:28:49
[SECURITY] Fedora 34 Update: mingw-python-pillow-8.1.2-1.fc34
2021-03-19 20:28:49
[SECURITY] Fedora 33 Update: mingw-python-pillow-7.2.0-5.fc33
2021-03-15 01:20:06
ubuntu
ubuntu
Pillow vulnerabilities
2021-03-11 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-2314)
2021-08-10 00:00:00
Fedora 33 : mingw-python-pillow / python-pillow / python2-pillow (2021-15845d3abe)
2021-03-15 00:00:00
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2253)
2021-08-09 00:00:00
suse
suse
Security update for python-CairoSVG, python-Pillow (moderate)
2021-08-10 00:00:00
rocky
rocky
python-pillow security update
2021-11-09 08:24:34
gentoo
gentoo
Pillow: Multiple vulnerabilities
2021-07-14 00:00:00
redhat
redhat
(RHSA-2021:4149) Moderate: python-pillow security update
2021-11-09 08:24:34
almalinux
almalinux
Moderate: python-pillow security update
2021-11-09 08:24:34
rosalinux
rosalinux
Advisory ROSA-SA-2021-1957
2021-07-02 18:03:40