Lucene search

K

Veracode Vulnerability DatabaseVERACODE:45131

HistoryJan 23, 2024 - 9:46 a.m.

Arbitrary Code Execution

2024-01-2309:46:39

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

26

arbitrary code execution

vulnerability

pil.imagemath.eval

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.001

Percentile

43.7%

pillow is vulnerable to Arbitrary Code Execution. The vulnerability is due to an improper neutralization/sanitization of keys passed to the PIL.ImageMath.eval function environment parameter. An attacker can execute arbitrary code if they have control over the keys passed to PIL.ImageMath.eval environment parameters

References

www.openwall.com/lists/oss-security/2024/01/20/1

devhub.checkmarx.com/cve-details/CVE-2023-50447/

duartecsantos.github.io/2023-01-02-CVE-2023-50447/

duartecsantos.github.io/2024-01-02-CVE-2023-50447/

github.com/advisories/GHSA-3f63-hfp8-52jq

github.com/python-pillow/Pillow/commit/0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80

github.com/python-pillow/Pillow/commit/45c726fd4daa63236a8f3653530f297dc87b160a

github.com/python-pillow/Pillow/commit/557ba59d13de919d04b3fd4cdef8634f7d4b3348

github.com/python-pillow/Pillow/releases

github.com/python-pillow/Pillow/releases/tag/10.2.0

lists.debian.org/debian-lts-announce/2024/01/msg00019.html

pillow.readthedocs.io/en/stable/releasenotes/10.2.0.html

www.openwall.com/lists/oss-security/2024/01/20/1

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.001

Percentile

43.7%

Related for VERACODE:45131