EPSS
Percentile
79.8%
pillow is vulnerable to regular expression denial of service. The getrgb function accepts user-provided very long color specifier, exhausting regex engine due to excessive CPU consumption and resulting in a Denial of Service.
pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html