---

CVE-2022-22817 - log back

CVE-2022-22817 created at 06 Apr 2022 20:56:33
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description	+ PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method.
References	+ https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security + https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eva + https://nvd.nist.gov/vuln/detail/CVE-2022-22817
Notes