CVE-2022-30595

Published: 25 May 2022

libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.

Notes

Author    Note
mdeslaur  introduced in 9.1.0

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
pillow
Launchpad, Ubuntu, Debian
  bionic    Not vulnerable
  focal     Not vulnerable
  impish    Not vulnerable
  jammy     Not vulnerable (9.0.1-1build1)
  trusty    Not vulnerable
  upstream  Needs triage
  xenial    Not vulnerable

Patches:
upstream: https://github.com/python-pillow/Pillow/commit/c846cc881ebe34e3518412c2e3636433d9947280

pillow-python2
Launchpad, Ubuntu, Debian
  bionic    Does not exist
  focal     Not vulnerable
  impish    Does not exist
  jammy     Does not exist
  trusty    Does not exist
  upstream  Needs triage
  xenial    Does not exist