VulnerableCode Vulnerability Details - VCID-j3u2-u8bx-aaam

Search for vulnerabilities

Vulnerability details: VCID-j3u2-u8bx-aaam

Essentials
Severities (1)
References (1)
Severity details (1)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-j3u2-u8bx-aaam
Aliases	PYSEC-2023-175
Summary	Pillow versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. imagecodecs v10.0.1 upgrades the bundled libwebp binary to v1.3.2.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
generic_textual	HIGH	https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst#1001-2023-09-15

Reference id	Reference type	URL
		https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst#1001-2023-09-15

No exploits are available.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.