CVE-2021-23437 - CERT CVE
ID CVE-2021-23437
Sažetak The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
Reference
CVSS
Base: 5.0
Impact: 2.9
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:N/AC:L/Au:N/C:N/I:N/A:P
Zadnje važnije ažuriranje 22-03-2024 - 11:15
Objavljeno 03-09-2021 - 16:15