Skip to content

Multiple memory corruption vulnerabilities #2105

Closed
@cneckar

Description

@cneckar

While performing a security assessment for a client, we identified a number of potential memory corruption vulnerabilities within the native extensions included with Pillow. Given that these vulnerabilities may currently expose exploitable conditions within our client's environment, we would like to report the details privately.

Could a project member please limit the visibility of this issue so that it is not available to the public?

Alternatively, we can provide vulnerability details via e-mail if that is preferable.

Thank you,
Cris Neckar
Divergent Security

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions