CVE-2022-22816 - log back

CVE-2022-22816 created at 06 Apr 2022 20:51:08
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path
References
+ https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
+ https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
+ https://nvd.nist.gov/vuln/detail/CVE-2022-22816
Notes