A vulnerability has been found in Pillow up to 8.x and classified as problematic. Affected by this vulnerability is the function path_getbbox of the file path.c. Upgrading to version 9.0.0 eliminates this vulnerability. The upgrade is hosted for download at pillow.readthedocs.io.
Pillow up to 8.x path.c path_getbbox ImagePath.Path initialization
- Virtual Patching
- January 10, 2022
- 10:07 pm
- Virtual Patching
- January 10, 2022
- 10:07 pm
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2024-7261 : ZYXEL NWA1123ACV3/WAC500/WAX655E/WBE530/USG LITE 60AX COOKIE HOST OS COMMAND INJECTION
Description The improper neutralization of special elements in the parameter “host” in the CGI program of Zyxel NWA1123ACv3 firmware version
CVE-2024-1621 : NT-WARE UNIFLOW ONLINE UP TO 2024.1.0 REGISTRATION VERIFICATION OF SOURCE
Description The registration process of uniFLOW Online (NT-ware product) apps, prior to and including version 2024.1.0, can be compromised when
CVE-2024-45623 : D-LINK DAP-2310 1.16RC028 ATP BINARY STACK-BASED OVERFLOW
Description D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in