A vulnerability was found in Pillow up to 8.x and classified as critical. Affected by this issue is the function path_getbbox of the file path.c. Upgrading to version 9.0.0 eliminates this vulnerability. The upgrade is hosted for download at pillow.readthedocs.io.
Pillow up to 8.x path.c path_getbbox ImagePath.Path buffer overflow
- Virtual Patching
- January 10, 2022
- 10:07 pm
- Virtual Patching
- January 10, 2022
- 10:07 pm
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2023-29632 : JMSPAGEBUILDER 3.X ON PRESTASHOP AJAX_JMSPAGEBUILDER.PHP SQL INJECTION
Description PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php. References https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmspagebuilder.html For More Information MITRE
CVE-2023-3065 : MOBATIME AMXGT100 UP TO 1.3.20 IMPROPER AUTHENTICATION
Description Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
CVE-2023-2781 : USER EMAIL VERIFICATION FOR WOOCOMMERCE PLUGIN UP TO 3.5.0 ON WORDPRESS IMPROPER AUTHENTICATION
Description The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up