Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 832599 (CVE-2022-22817) - [Tracker] PIL.ImageMath.eval arbitrary expression evaluation
Summary: [Tracker] PIL.ImageMath.eval arbitrary expression evaluation
Status: CONFIRMED
Alias: CVE-2022-22817
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on: CVE-2022-22815, CVE-2022-22816 CVE-2022-24303
Blocks:
  Show dependency tree
 
Reported: 2022-02-03 04:09 UTC by John Helmert III
Modified: 2022-02-03 04:09 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2022-02-03 04:09:47 UTC
The Pillow people reused a CVE that was fixed in 9.0.0 in 9.0.1. Popping it out to its own tracker for both bugs.