An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python3-pil-dbg": "5.1.0-1ubuntu0.5", "python-pil-dbg": "5.1.0-1ubuntu0.5", "python-pil-doc": "5.1.0-1ubuntu0.5", "python3-pil.imagetk": "5.1.0-1ubuntu0.5", "python3-pil.imagetk-dbg": "5.1.0-1ubuntu0.5", "python-pil.imagetk": "5.1.0-1ubuntu0.5", "python-pil.imagetk-dbg": "5.1.0-1ubuntu0.5", "python3-pil": "5.1.0-1ubuntu0.5", "python-pil": "5.1.0-1ubuntu0.5" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python3-pil.imagetk-dbg": "7.0.0-4ubuntu0.3", "python3-pil-dbg": "7.0.0-4ubuntu0.3", "python-pil-doc": "7.0.0-4ubuntu0.3", "python3-pil": "7.0.0-4ubuntu0.3", "python3-pil.imagetk": "7.0.0-4ubuntu0.3" } ] }