[Epel-packagers-sig] [Bug 2042511] New: CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c

19 Jan 2022


      https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Bug ID: 2042511
           Summary: CVE-2022-22815 python-pillow: improperly initializes
                    ImagePath.Path in path_getbbox() in path.c
           Product: Security Response
          Hardware: All
                OS: Linux
            Status: NEW
         Component: vulnerability
          Keywords: Security
          Severity: medium
          Priority: medium
          Assignee: security-response-team@redhat.com
          Reporter: gsuckevi@redhat.com
                CC: bdettelb@redhat.com, cstratak@redhat.com,
                    epel-packagers-sig@lists.fedoraproject.org,
                    infra-sig@lists.fedoraproject.org,
                    manisandro@gmail.com, miminar@redhat.com,
                    orion@nwra.com, python-maint@redhat.com,
                    python-sig@lists.fedoraproject.org, torsava@redhat.com
  Target Milestone: ---
    Classification: Other
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes
ImagePath.Path.
References:
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae...
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagep...
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2042511

2024

2023

2022

2021

[Epel-packagers-sig] [Bug 2042511] New: CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c