Lucene search
Veracode Vulnerability DatabaseVERACODE:32714HistoryOct 25, 2021 - 11:18 p.m.
Regular Expression Denial Of Service (ReDoS)
2021-10-2523:18:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
py3-pillow vulnerability
regular expression denial of service
getrgb function
software
EPSS
0.007
Percentile
79.8%
py3-pillow is vulnerable to regular expression denial of service. An attacker is able to crash the system through the getrgb function.
References
github.com/python-pillow/Pillow/commit/9e08eb8f78fdfd2f476e1b20b7cf38683754866b
lists.fedoraproject.org/archives/list/[email protected]/message/RNSG6VFXTAROGF7ACYLMAZNQV4EJ6I2C/
lists.fedoraproject.org/archives/list/[email protected]/message/VKRCL7KKAKOXCVD7M6WC5OKFGL4L3SJT/
pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html
secdb.alpinelinux.org/edge/main.yaml
Related
openvas
openvas
Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-cbfaefb390)
2021-09-22 00:00:00
Fedora: Security Advisory for mingw-python-pillow (FEDORA-2021-9f020cf155)
2021-09-22 00:00:00
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2719)
2021-11-12 00:00:00
nessus
nessus
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-2719)
2021-11-11 00:00:00
EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2021-2641)
2021-11-02 00:00:00
EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2021-2670)
2021-11-11 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-python-pillow-7.2.0-8.fc33
2021-09-21 15:25:34
[SECURITY] Fedora 34 Update: mingw-python-pillow-8.1.2-4.fc34
2021-09-21 15:33:20
[SECURITY] Fedora 34 Update: python-pillow-8.1.2-5.fc34
2021-09-21 15:33:20
ibm
ibm
github
github
Uncontrolled Resource Consumption in pillow
2021-09-07 23:08:10
freebsd
freebsd
Pillow -- Regular Expression Denial of Service (ReDoS)
2021-09-02 00:00:00
redhatcve
redhatcve
CVE-2021-23437
2021-09-07 12:41:32
amazon
amazon
Important: python-pillow
2023-07-05 22:01:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-09-06 05:20:55
cvelist
cvelist
CVE-2021-23437 Regular Expression Denial of Service (ReDoS)
2021-09-03 16:10:10
mageia
mageia
Updated python-pillow packages fix security vulnerability
2021-09-29 20:22:22
nvd
nvd
CVE-2021-23437
2021-09-03 16:15:08
osv
osv
PYSEC-2021-317
2021-09-03 16:15:00
CVE-2021-23437
2021-09-03 16:15:08
Uncontrolled Resource Consumption in pillow
2021-09-07 23:08:10
alpinelinux
alpinelinux
CVE-2021-23437
2021-09-03 16:15:08
ubuntucve
ubuntucve
CVE-2021-23437
2021-09-03 00:00:00
prion
prion
Design/Logic Flaw
2021-09-03 16:15:00
debiancve
debiancve
CVE-2021-23437
2021-09-03 16:15:08
cve
cve
CVE-2021-23437
2021-09-03 16:15:08
debian
debian
[SECURITY] [DLA 3768-1] pillow security update
2024-03-22 10:00:44
ubuntu
ubuntu
Pillow vulnerabilities
2022-01-13 00:00:00
Pillow vulnerability
2022-10-24 00:00:00
Pillow vulnerabilities
2022-01-17 00:00:00
gentoo
gentoo
Pillow: Multiple Vulnerabilities
2022-11-22 00:00:00