HIGH 7.5 PyPI
Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin
GHSA-j6f7-g425-4gmx · CVE-2014-3598 · PYSEC-2015-15
Published · Modified
Description
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2014-3598
- WEB https://github.com/python-pillow/Pillow/commit/347a1d8d956f9e64af4463ee25311b60cdd5657d
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2015-15.yaml
- PACKAGE https://github.com/python-pillow/Pillow
- WEB https://pypi.python.org/pypi/Pillow/2.5.3
- WEB http://lists.opensuse.org/opensuse-updates/2015-04/msg00056.html
Ready to move
Start Securing
Free, no credit card | First findings in minutes