Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-4963-1:It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash or hand, resulting in a denial of service.
Solution(s)
ubuntu-upgrade-python-pilubuntu-upgrade-python3-pil
ReferencesUSN-4963-1CVE-2021-25288