CVE-2023-50447

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-50447
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).

8.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://www.openwall.com/lists/oss-security/2024/01/20/1 Mailing List Third Party Advisory
https://devhub.checkmarx.com/cve-details/CVE-2023-50447/ Third Party Advisory
https://duartecsantos.github.io/2024-01-02-CVE-2023-50447/
https://github.com/python-pillow/Pillow/releases Release Notes
https://lists.debian.org/debian-lts-announce/2024/01/msg00019.html Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
History

27 Mar 2024, 21:15

Type Values Removed Values Added
References
  • {'url': 'https://duartecsantos.github.io/2023-01-02-CVE-2023-50447/', 'tags': ['Exploit', 'Third Party Advisory'], 'source': 'cve@mitre.org'}
  • () https://duartecsantos.github.io/2024-01-02-CVE-2023-50447/ -

15 Feb 2024, 03:18

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
First Time Debian
Debian debian Linux
References () https://lists.debian.org/debian-lts-announce/2024/01/msg00019.html - () https://lists.debian.org/debian-lts-announce/2024/01/msg00019.html - Mailing List, Third Party Advisory

29 Jan 2024, 21:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/01/msg00019.html -

26 Jan 2024, 13:50

Type Values Removed Values Added
Summary
  • (es) Pillow hasta la versión 10.1.0 permite la ejecución de código arbitrario PIL.ImageMath.eval a través del parámetro de entorno, una vulnerabilidad diferente a CVE-2022-22817 (que se refería al parámetro de expresión).
References () http://www.openwall.com/lists/oss-security/2024/01/20/1 - () http://www.openwall.com/lists/oss-security/2024/01/20/1 - Mailing List, Third Party Advisory
References () https://devhub.checkmarx.com/cve-details/CVE-2023-50447/ - () https://devhub.checkmarx.com/cve-details/CVE-2023-50447/ - Third Party Advisory
References () https://duartecsantos.github.io/2023-01-02-CVE-2023-50447/ - () https://duartecsantos.github.io/2023-01-02-CVE-2023-50447/ - Exploit, Third Party Advisory
References () https://github.com/python-pillow/Pillow/releases - () https://github.com/python-pillow/Pillow/releases - Release Notes
CWE CWE-94
First Time Python
Python pillow
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.1
CPE cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*

20 Jan 2024, 18:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/01/20/1 -

19 Jan 2024, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-01-19 20:15

Updated : 2024-03-27 21:15

NVD link : CVE-2023-50447

Mitre link : CVE-2023-50447

CVE.ORG link : CVE-2023-50447

JSON object : View

Products Affected

python

  • pillow

debian

  • debian_linux
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')