CVE-2014-3589
published 2014-08-25CVE-2014-3589: PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via…
medium5CVSS 3.1
AVNACLAuNCNINAP
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pillow | < pillow 2.5.3-1 (bookworm) | pillow 2.5.3-1 (bookworm) |
| opensuse | opensuse | — | — |
| python | pillow | <= 2.3.1 | — |
| python | pillow | — | — |
| python | pillow | — | — |
| python | pillow | — | — |
| python | pillow | — | — |
| python | pillow | >= 0 < 2.5.3-1 | 2.5.3-1 |
| python | pillow | >= 0 < 2.5.3-1 | 2.5.3-1 |
| python | pillow | >= 0 < 2.5.3-1 | 2.5.3-1 |
| python | pillow | >= 0 < 2.5.3-1 | 2.5.3-1 |
| python | pillow | >= 0 < 2.3.2 | 2.3.2 |
| python | pillow | >= 0 < 2.3.0-1ubuntu3.3 | 2.3.0-1ubuntu3.3 |
| python | pillow | >= 0 < 2.3.0-1ubuntu3.2 | 2.3.0-1ubuntu3.2 |
| python | pillow | >= 2.5 < 2.5.2 | 2.5.2 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM