Site icon API Security Blog

K000138866 : Python Pillow vulnerability CVE-2023-50447

Security Advisory Description Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). (CVE-2023-50447) Impact There is no impact; F5 products are not affected by this…Read More

Exit mobile version