CVE-2021-25290

CVE-2021-25290

EPSS 2.4%

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html https://security.gentoo.org/glsa/202107-33