CVE-2021-34552

Buffer Overflow in Pillow

Description

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

Python

Publish Date

July 13, 2021

Modified Date

December 5, 2023

Score Vector

Affected Versions