Fredrik Lundh

3 exploits, active since Jan 2022
CVE-2022-22815 MEDIUM WRITEUP
Pillow <9.0.0 - Info Disclosure
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
CVSS 6.5
CVE-2022-22816 MEDIUM WRITEUP
Python Pillow < 9.0.0 - Out-of-Bounds Read
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
CVSS 6.5
CVE-2022-30595 CRITICAL WRITEUP
Python Pillow < 9.1.1 - Out-of-Bounds Write
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
CVSS 9.8