CVE-2022-22815
Summary
| CVE | CVE-2022-22815 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-01-10 14:12:00 UTC |
|---|
| Updated | 2023-01-31 17:27:00 UTC |
|---|
| Description | path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Debian -- Security Information -- DSA-5053-1 pillow |
DEBIAN |
www.debian.org |
|
| Pillow: Multiple Vulnerabilities (GLSA 202211-10) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| 9.0.0 — Pillow (PIL Fork) 9.0.0 documentation |
MISC |
pillow.readthedocs.io |
|
| [SECURITY] [DLA 2893-1] pillow security update |
MLIST |
lists.debian.org |
|
| Pillow/path.c at c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3 · python-pillow/Pillow · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 179015 Debian Security Update for pillow (DSA 5053-1)
- 179022 Debian Security Update for pillow (DLA 2893-1)
- 182118 Debian Security Update for pillow (CVE-2022-22815)
- 198632 Ubuntu Security Notification for Pillow Vulnerabilities (USN-5227-1)
- 282334 Fedora Security Update for mingw (FEDORA-2022-a1bc7decc9)
- 282335 Fedora Security Update for mingw (FEDORA-2022-e4087f9366)
- 296062 Oracle Solaris 11.4 Support Repository Update (SRU) 43.113.3 Missing (CPUJAN2022)
- 353267 Amazon Linux Security Advisory for python-pillow : ALAS2-2022-1786
- 502018 Alpine Linux Security Update for py3-pillow
- 502343 Alpine Linux Security Update for py3-pillow
- 671473 EulerOS Security Update for python-pillow (EulerOS-SA-2022-1436)
- 671476 EulerOS Security Update for python-pillow (EulerOS-SA-2022-1457)
- 671503 EulerOS Security Update for python-pillow (EulerOS-SA-2022-1514)
- 671507 EulerOS Security Update for python-pillow (EulerOS-SA-2022-1495)
- 671547 EulerOS Security Update for python-pillow (EulerOS-SA-2022-1549)
- 671591 EulerOS Security Update for python-pillow (EulerOS-SA-2022-1583)
- 671670 EulerOS Security Update for python-pillow (EulerOS-SA-2022-1760)
- 710682 Gentoo Linux Pillow Multiple Vulnerabilities (GLSA 202211-10)
- 960856 Rocky Linux Security Update for python-pillow (RLSA-2022:0643)
