Description
Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0.
Mitigation
Minimal update: upgrade to the lowest fixed version listed below. The update may introduce new vulnerabilities or breaking changes.
 Ecosystem | Affected versions | Fixed version |
 pypi | | 12.2.0 |
 debian 13 | =11.1.0-5 || =11.1.0-5+deb13u1 || =11.1.0-5+deb13u2 || =11.2.1-1 || =11.3.0-1 || =12.0.0-1 || =12.1.0-1 || =12.1.1-1 || =12.1.1-2 || =12.2.0-1 | - |
 debian 14 | =11.1.0-5 || =11.2.1-1 || =11.3.0-1 || =12.0.0-1 || =12.1.0-1 || =12.1.1-1 || =12.1.1-2 || >=0 <12.2.0-1 | 12.2.0-1 |
 debian 11 | =10.0.0-1 || =10.1.0-1 || =10.2.0-1 || =10.3.0-1 || =10.3.0-2 || =10.4.0-1 || =10.4.0-1.1 || =11.1.0-1 || =11.1.0-2 || =11.1.0-3 || =11.1.0-4 || =11.1.0-5 || =11.2.1-1 || =11.3.0-1 || =12.0.0-1 || =12.1.0-1 || =12.1.1-1 || =12.1.1-2 || =12.2.0-1 || =8.1.2+dfsg-0.3 || =8.1.2+dfsg-0.3+deb11u1 || =8.1.2+dfsg-0.3+deb11u2 || =8.1.2+dfsg-0.3+deb11u3 || =8.1.2+dfsg-1 || =8.2.0-1 || =8.3.2-1 || =8.4.0-1 || =9.0.0-1 || =9.0.1-1 || =9.1.0-1 || =9.1.1-1 || =9.2.0-1 || =9.2.0-1.1 || =9.3.0-1 || =9.4.0-1 || =9.4.0-1.1 || =9.5.0-1 | - |
 debian 12 | =10.0.0-1 || =10.1.0-1 || =10.2.0-1 || =10.3.0-1 || =10.3.0-2 || =10.4.0-1 || =10.4.0-1.1 || =11.1.0-1 || =11.1.0-2 || =11.1.0-3 || =11.1.0-4 || =11.1.0-5 || =11.2.1-1 || =11.3.0-1 || =12.0.0-1 || =12.1.0-1 || =12.1.1-1 || =12.1.1-2 || =12.2.0-1 || =9.4.0-1.1 || =9.4.0-1.1+deb12u1 || =9.5.0-1 | - |