USN-5777-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2022-24303 CVE-2022-45198 UBUNTU-CVE-2022-24303 UBUNTU-CVE-2022-45198

Published: 13 Dec 2022, 10:06

Last modified:04 Feb 2026, 02:30

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

13 Dec 2022, 10:06

Published

Vulnerability first disclosed

04 Feb 2026, 02:30

Last Modified

Vulnerability information updated

Description

pillow vulnerabilities It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-24303) It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2022-45198)

Affected Systems

ubuntu•pillow
< 7.0.0-4ubuntu0.7 | < 9.0.1-1ubuntu0.1

USN-5777-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)