First published: Mon Apr 01 2024
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/pillow | 8.1.2+dfsg-0.3+deb11u2, 9.4.0-1.1+deb12u1, 10.4.0-1 | |
pip/pillow | <10.3.0 | 10.3.0 |
redhat/pillow | <10.3.0 | 10.3.0 |