Wednesday, May 26, 2021

Ubuntu: USN-4963-1 (CVE-2021-28675): Pillow vulnerabilities

Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-4963-1:It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash or hand, resulting in a denial of service.
Solution(s)
  • ubuntu-upgrade-python-pil
  • ubuntu-upgrade-python3-pil


  • References
  • USN-4963-1
  • CVE-2021-28675




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated