Description

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

INFO

Published Date :

2024-04-03T00:00:00.000Z

Last Modified :

2025-11-04T18:30:27.655Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-28219 vulnerability.

Vendors Products
Debian
  • Debian Linux
Python
  • Pillow
Redhat
  • Ansible Automation Platform
  • Enterprise Linux
  • Satellite
  • Satellite Capsule

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Complexity
Attack Vector
Availability Impact
Confidentiality Impact
Integrity Impact
Privileges Required
Scope
User Interaction