EPSS Percentile: 57.9%
Pillow is vulnerable to denial of service (DoS) attacks. TiffImagePlugin.py improperly handles the SAMPLESPERPIXEL tag, so that large values lead to memory exhaustion.
bugs.gentoo.org/878769
github.com/python-pillow/Pillow/commit/2444cddab2f83f28687c7c20871574acbb6dbcf3
github.com/python-pillow/Pillow/pull/6700
github.com/python-pillow/Pillow/releases/tag/9.3.0
security.gentoo.org/glsa/202211-10