Security Advisory

CVE-2023-50447

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-19 00:00:00

Last updated 2024-08-02 22:16:46

Assigner mitre

State PUBLISHED

Description

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).

← Browse all CVEs View on cve.org ↗