Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-11-04T10:00:00

Updated: 2024-08-06T02:42:11.192Z

Reserved: 2016-11-04T00:00:00

Link: CVE-2016-9190

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2016-11-04T10:59:10.803

Modified: 2024-11-21T03:00:46.170

Link: CVE-2016-9190

cve-icon Redhat

Severity : Moderate

Publid Date: 2016-10-03T00:00:00Z

Links: CVE-2016-9190 - Bugzilla