USN-5777-2

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2022-24303 CVE-2022-45198 UBUNTU-CVE-2022-24303 UBUNTU-CVE-2022-45198

Published: 14 Dec 2022, 09:15

Last modified:04 Feb 2026, 03:02

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

14 Dec 2022, 09:15

Published

Vulnerability first disclosed

04 Feb 2026, 03:02

Last Modified

Vulnerability information updated

Description

pillow-python2 vulnerabilities USN-5777-1 fixed vulnerabilities in Pillow (Python 3). This update provides the corresponding updates for Pillow (Python 2) in Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-24303) It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2022-45198)

Affected Systems

ubuntu•pillow-python2
< 6.2.1-3ubuntu0.1~esm1

USN-5777-2

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)