Vulnerabilities > Python > Pillow > 10.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-19 | CVE-2023-50447 | Code Injection vulnerability in multiple products Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). | 8.1 |