VDB
PYSEC-2022-10
PYSEC-2022-10
PUBLISHED
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | pillow | 1.0, 1.1, 1.2 |
Timeline
- Jan 10, 2022 CVE Published
- Dec 6, 2023 CVE Updated