Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

GoogleOSV:PYSEC-2021-317

HistorySep 03, 2021 - 4:15 p.m.

Vulners
/
Osv
/
PYSEC-2021-317

PYSEC-2021-317

2021-09-0316:15:00

Google

osv.dev

pillow package

version 8.3.2

regular expression denial of service

EPSS

0.007

Percentile

79.8%

JSON

The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

References

github.com/advisories/GHSA-98vv-pw6r-q6q4

github.com/python-pillow/Pillow/commit/9e08eb8f78fdfd2f476e1b20b7cf38683754866b

pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html

snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443

openvas 22

nessus 19

fedora 5

github 1

ibm 1

freebsd 1

redhatcve 1

amazon 1

veracode 2

cvelist 1

mageia 1

nvd 1

osv 10

alpinelinux 1

ubuntucve 1

prion 1

debiancve 1

cve 1

debian 1

ubuntu 3

gentoo 1

openvas

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-cbfaefb390)

2021-09-22 00:00:00

Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-9f020cf155)

2021-09-22 00:00:00

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2719)

2021-11-12 00:00:00

nessus

EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2719)

2021-11-11 00:00:00

EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-2641)

2021-11-02 00:00:00

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2021-2670)

2021-11-11 00:00:00

fedora

[SECURITY] Fedora 33 Update: mingw-python-pillow-7.2.0-8.fc33

2021-09-21 15:25:34

[SECURITY] Fedora 34 Update: mingw-python-pillow-8.1.2-4.fc34

2021-09-21 15:33:20

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-5.fc34

2021-09-21 15:33:20

github

Uncontrolled Resource Consumption in pillow

2021-09-07 23:08:10

ibm

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python Pillow

2021-11-30 16:27:20

freebsd

Pillow -- Regular Expression Denial of Service (ReDoS)

2021-09-02 00:00:00

redhatcve

CVE-2021-23437

2021-09-07 12:41:32

amazon

Important: python-pillow

2023-07-05 22:01:00

veracode

Regular Expression Denial Of Service (ReDoS)

2021-09-06 05:20:55

Regular Expression Denial Of Service (ReDoS)

2021-10-25 23:18:31

cvelist

CVE-2021-23437 Regular Expression Denial of Service (ReDoS)

2021-09-03 16:10:10

mageia

Updated python-pillow packages fix security vulnerability

2021-09-29 20:22:22

nvd

CVE-2021-23437

2021-09-03 16:15:08

osv

CVE-2021-23437

2021-09-03 16:15:08

Uncontrolled Resource Consumption in pillow

2021-09-07 23:08:10

BIT-pillow-2021-23437

2024-03-06 11:05:30

alpinelinux

CVE-2021-23437

2021-09-03 16:15:08

ubuntucve

CVE-2021-23437

2021-09-03 00:00:00

prion

Design/Logic Flaw

2021-09-03 16:15:00

debiancve

CVE-2021-23437

2021-09-03 16:15:08

cve

CVE-2021-23437

2021-09-03 16:15:08

debian

[SECURITY] [DLA 3768-1] pillow security update

2024-03-22 10:00:44

ubuntu

Pillow vulnerabilities

2022-01-13 00:00:00

Pillow vulnerability

2022-10-24 00:00:00

Pillow vulnerabilities

2022-01-17 00:00:00

gentoo

Pillow: Multiple Vulnerabilities

2022-11-22 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.007

Percentile

79.8%

JSON

Related for OSV:PYSEC-2021-317