CVE-2022-22816

Out-of-bounds Read in pypi/Pillow

Identifiers

CVE-2022-22816

Package Slug

pypi/Pillow

Vulnerability

Out-of-bounds Read

Description

path_getbbox in path.c in Pillow has a buffer over-read during initialization of ImagePath.Path.

Affected Versions

All versions before 9.0.0

Solution

Upgrade to version 9.0.0 or above.

Last Modified

2022-01-21
