Vulnerability Database
Blog
FAQ
Docs
BIT-pillow-2022-45198
Import Source
https://github.com/bitnami/vulndb/tree/main/data/pillow/BIT-pillow-2022-45198.json
Aliases
CVE-2022-45198
GHSA-m2vv-5vj5-2hm7
PYSEC-2022-42979
Published
2024-03-06T11:02:02.180Z
Modified
2024-03-06T11:25:28.861Z
Details
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
References
https://bugs.gentoo.org/855683
https://cwe.mitre.org/data/definitions/409.html
https://github.com/python-pillow/Pillow/commit/11918eac0628ec8ac0812670d9838361ead2d6a4
https://github.com/python-pillow/Pillow/pull/6402
https://github.com/python-pillow/Pillow/releases/tag/9.2.0
https://security.gentoo.org/glsa/202211-10
Affected packages
Bitnami
/
pillow
Package
Name
pillow
Affected ranges
Type
SEMVER
Events
Introduced
0
The exact introduced commit is unknown
Fixed
9.2.0
BIT-pillow-2022-45198 - OSV