CVE-2021-25290

CVE-2021-25290

EPSS 2.4%

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html https://security.gentoo.org/glsa/202107-33