You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.
Descreva a vulnerabilidade de segurança (se houver CVE, coloque como
referência)
CVE-2021-28676
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-28676
python-pillow/Pillow#5377
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28676-fix-fli-dos
https://lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://security.gentoo.org/glsa/202107-33
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
Classifique a prioridade de correção, de acordo com a severidade da
vulnerabilidade 30 dias
The text was updated successfully, but these errors were encountered: