OPENSUSE-SU-2024:0125-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2023-50447

Published: 13 May 2024, 13:09

Last modified:04 Feb 2026, 03:02

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

13 May 2024, 13:09

Published

Vulnerability first disclosed

04 Feb 2026, 03:02

Last Modified

Vulnerability information updated

Description

Security update for python-Pillow This update for python-Pillow fixes the following issues: - CVE-2023-50447: Fixed arbitrary code execution via the environment parameter (boo#1219048)

Affected Systems

opensuse•python-Pillow&distro=openSUSE Leap 15.5
< 8.4.0-bp155.3.3.1
suse•python-Pillow&distro=SUSE Package Hub 15 SP5
< 8.4.0-bp155.3.3.1

References (3)

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GYSVBJPZSCRQ4QL45BINOZYP7XXBBK3C/
https://bugzilla.suse.com/1219048
https://www.suse.com/security/cve/CVE-2023-50447