—
PYSEC-2022-42979
상세
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
PyPI / pillow
최초 영향 버전:
0 수정 버전: 11918eac0628ec8ac0812670d9838361ead2d6a4 수정
pip install --upgrade 'pillow>=11918eac0628ec8ac0812670d9838361ead2d6a4' 참고
- https://bugs.gentoo.org/855683 [WEB]
- https://github.com/python-pillow/Pillow/commit/11918eac0628ec8ac0812670d9838361ead2d6a4 [FIX]
- https://github.com/python-pillow/Pillow/pull/6402 [WEB]
- https://github.com/python-pillow/Pillow/releases/tag/9.2.0 [WEB]
- https://cwe.mitre.org/data/definitions/409.html [WEB]