Pillow through 10.1.0 allows... CVE-2023-50447

- AV AC AU C I A
发布: 2024-01-19
修订: 2024-03-27

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有2条受影响产品信息