ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0448
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0448)
Resumen:	The remote host is missing an update for the 'python-pillow' package(s) announced via the MGASA-2021-0448 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-pillow' package(s) announced via the MGASA-2021-0448 advisory. Vulnerability Insight: Updated python-pillow packages fix security vulnerability: The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function (CVE-2021-23437). Affected Software/OS: 'python-pillow' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-23437 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKRCL7KKAKOXCVD7M6WC5OKFGL4L3SJT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNSG6VFXTAROGF7ACYLMAZNQV4EJ6I2C/ https://security.gentoo.org/glsa/202211-10 https://github.com/python-pillow/Pillow/commit/9e08eb8f78fdfd2f476e1b20b7cf38683754866b https://pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443 https://lists.debian.org/debian-lts-announce/2024/03/msg00021.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.