CVE-2023-4427

Related Files

Debian Security Advisory 5704-1

Posted Jun 6, 2024

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5704-1 - Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service or the execution of arbitrary code if malformed images are processed.

tags | advisory, denial of service, arbitrary, python

systems | linux, debian

advisories | CVE-2023-44271, CVE-2023-50447, CVE-2024-28219

SHA-256 | 39d19c693f17390d6a2ae39c504630ddbff9dabe4a9550c53beda72dd79c2817

Download | Favorite | View

Red Hat Security Advisory 2024-3005-03

Posted May 23, 2024

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3005-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8.

tags | advisory, python

systems | linux, redhat

advisories | CVE-2023-44271

SHA-256 | 9a4d07d9090af2aef0e45cedd203af3f8f4f603ca5d859e6af2f6ed3d71c48fc

Download | Favorite | View

Gentoo Linux Security Advisory 202405-12

Posted May 6, 2024

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202405-12 - Multiple vulnerabilities have been discovered in Pillow, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 10.2.0 are affected.

tags | advisory, arbitrary, vulnerability, code execution

systems | linux, gentoo

advisories | CVE-2023-44271, CVE-2023-50447

SHA-256 | 3383dd664c509ffd1c2c81e6191f3909def9ad15643115326144b65d82a168fd

Download | Favorite | View

Ubuntu Security Notice USN-6618-1

Posted Jan 31, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6618-1 - It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Duarte Santos discovered that Pillow incorrectly handled the environment parameter to PIL.ImageMath.eval. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2023-44271, CVE-2023-50447

SHA-256 | 6448149912590caa887d2ebc19423b952b66138a002ef70624bb7db6564df7f6

Download | Favorite | View

Red Hat Security Advisory 2024-0345-03

Posted Jan 24, 2024

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0345-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 7.

tags | advisory, python

systems | linux, redhat

advisories | CVE-2023-44271

SHA-256 | 577f221d2e76f426fe238a8135c7fae4c7d1338480e41329e362e8922a5d1576

Download | Favorite | View

Chrome ReduceJSLoadPropertyWithEnumeratedKey Out-Of-Bounds Access

Posted Oct 5, 2023

Authored by Google Security Research, Glazvunov

Chrome checks in ReduceJSLoadPropertyWithEnumeratedKey are not sufficient to prevent the engine from reading an out-of-bounds index from an enum cache.

tags | exploit

advisories | CVE-2023-4427

SHA-256 | d2720d577ee6196fb4e71365c0315fa67c9c9abb683aa559628add3042c1ecce

Download | Favorite | View

Debian Security Advisory 5483-1

Posted Aug 28, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure

systems | linux, debian

advisories | CVE-2023-4427, CVE-2023-4428, CVE-2023-4429, CVE-2023-4430, CVE-2023-4431

SHA-256 | ebed94ee6ac4cac7ece2b82c3d9d5e59c2c4c1abfcc4c95b864d91e9024c2f1b

Download | Favorite | View