Closed
Description
While performing a security assessment for a client, we identified a number of potential memory corruption vulnerabilities within the native extensions included with Pillow. Given that these vulnerabilities may currently expose exploitable conditions within our client's environment, we would like to report the details privately.
Could a project member please limit the visibility of this issue so that it is not available to the public?
Alternatively, we can provide vulnerability details via e-mail if that is preferable.
Thank you,
Cris Neckar
Divergent Security
Metadata
Metadata
Assignees
Labels
No labels