Vulnerability Database
Blog
FAQ
PYSEC-2022-42980
Source
https://github.com/pypa/advisory-database/blob/main/vulns/pillow/PYSEC-2022-42980.yaml
Aliases
CVE-2022-45199 (
GHSA-q4mp-jvh2-76fj
)
Published
2022-11-14T07:15:00Z
Modified
2023-05-25T05:07:00Z
Details
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
References
https://github.com/python-pillow/Pillow/pull/6700
https://bugs.gentoo.org/878769
https://github.com/python-pillow/Pillow/releases/tag/9.3.0
https://github.com/python-pillow/Pillow/commit/2444cddab2f83f28687c7c20871574acbb6dbcf3
Affected packages
PyPI
/
pillow
pillow
Affected ranges
Type
GIT
Events
Introduced
0
Fixed
2444cddab2f83f28687c7c20871574acbb6dbcf3
Type
ECOSYSTEM
Events
Introduced
9.2.0
Fixed
9.3.0
Affected versions
9.*
9.2.0
PYSEC-2022-42980 - OSV