Showing 1 - 5 of 5

CVE-2023-44271

Status Candidate

Overview

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.

Related Files

Debian Security Advisory 5704-1: Posted Jun 6, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5704-1 - Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service or the execution of arbitrary code if malformed images are processed.; tags | advisory, denial of service, arbitrary, python; systems | linux, debian; advisories | CVE-2023-44271, CVE-2023-50447, CVE-2024-28219; SHA-256 | 39d19c693f17390d6a2ae39c504630ddbff9dabe4a9550c53beda72dd79c2817; Download | Favorite | View

Red Hat Security Advisory 2024-3005-03: Posted May 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3005-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2023-44271; SHA-256 | 9a4d07d9090af2aef0e45cedd203af3f8f4f603ca5d859e6af2f6ed3d71c48fc; Download | Favorite | View

Gentoo Linux Security Advisory 202405-12: Posted May 6, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202405-12 - Multiple vulnerabilities have been discovered in Pillow, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 10.2.0 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2023-44271, CVE-2023-50447; SHA-256 | 3383dd664c509ffd1c2c81e6191f3909def9ad15643115326144b65d82a168fd; Download | Favorite | View

Ubuntu Security Notice USN-6618-1: Posted Jan 31, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6618-1 - It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Duarte Santos discovered that Pillow incorrectly handled the environment parameter to PIL.ImageMath.eval. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-44271, CVE-2023-50447; SHA-256 | 6448149912590caa887d2ebc19423b952b66138a002ef70624bb7db6564df7f6; Download | Favorite | View

Red Hat Security Advisory 2024-0345-03: Posted Jan 24, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0345-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 7.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2023-44271; SHA-256 | 577f221d2e76f426fe238a8135c7fae4c7d1338480e41329e362e8922a5d1576; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2023-44271

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems