.avif)
View all vulnerabilities
CVE-2021-23437
Description
The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgradingVulnerability Details
Score
Score Vector
Affected Versions
pillow < 9e08eb8f78fdfd2f476e1b20b7cf38683754866b; pillow < 8.3.2
Severity
Ecosystem
Python
Publish Date
September 3, 2021
Modified Date
December 5, 2023