CVE-2024-28219 – In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used … – ITTS

CVE-2024-28219 – In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used …

3 April 2024

Vuln ID: CVE-2024-28219

Published: 2024-04-03 03:15:09.710

Description: In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

Base Score: 6.7 – MEDIUM

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Source: NVD.NIST.GOV

Date:

3 April 2024

Categorie(s):

Tag(s):

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems27 July 2024
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials27 July 2024
PKFail bug puts firmware security at risk26 July 2024
Deepfake misuse & deepfake detection (before it’s too late)26 July 2024
Cyber insurance provider Cowbell reels in $60M to grow its product portfolio26 July 2024