The package pillow 5.2.0 and prior to 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python pillow |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |