CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-23437

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2021-23437

Python » Pillow » Version: 5.2.0

cpe:2.3:a:python:pillow:5.2.0
Python » Pillow » Version: 5.3.0

cpe:2.3:a:python:pillow:5.3.0
Python » Pillow » Version: 5.4.0

cpe:2.3:a:python:pillow:5.4.0
Python » Pillow » Version: 5.4.1

cpe:2.3:a:python:pillow:5.4.1
Python » Pillow » Version: 6.0.0

cpe:2.3:a:python:pillow:6.0.0
Python » Pillow » Version: 6.2.0

cpe:2.3:a:python:pillow:6.2.0
Python » Pillow » Version: 6.2.2

cpe:2.3:a:python:pillow:6.2.2
Python » Pillow » Version: 6.2.3

cpe:2.3:a:python:pillow:6.2.3
Python » Pillow » Version: 7.0.0

cpe:2.3:a:python:pillow:7.0.0
Python » Pillow » Version: 7.1.0

cpe:2.3:a:python:pillow:7.1.0
Python » Pillow » Version: 7.1.1

cpe:2.3:a:python:pillow:7.1.1
Python » Pillow » Version: 7.1.2

cpe:2.3:a:python:pillow:7.1.2
Python » Pillow » Version: 7.2.0

cpe:2.3:a:python:pillow:7.2.0
Python » Pillow » Version: 8.0.0

cpe:2.3:a:python:pillow:8.0.0
Python » Pillow » Version: 8.0.1

cpe:2.3:a:python:pillow:8.0.1
Python » Pillow » Version: 8.1.0

cpe:2.3:a:python:pillow:8.1.0
Python » Pillow » Version: 8.1.1

cpe:2.3:a:python:pillow:8.1.1
Python » Pillow » Version: 8.1.2

cpe:2.3:a:python:pillow:8.1.2
Python » Pillow » Version: 8.2.0

cpe:2.3:a:python:pillow:8.2.0
Python » Pillow » Version: 8.3.0

cpe:2.3:a:python:pillow:8.3.0
Python » Pillow » Version: 8.3.1

cpe:2.3:a:python:pillow:8.3.1
Fedoraproject » Fedora » Version: 33

cpe:2.3:o:fedoraproject:fedora:33
Fedoraproject » Fedora » Version: 34

cpe:2.3:o:fedoraproject:fedora:34

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-23437

Products

Pricing

Contact Us