-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathvulnerabilities.pypi.txt
1 lines (1 loc) · 8.77 KB
/
vulnerabilities.pypi.txt
1
astroid:2.5.7|{"id":"CVE-2022-22815","purls":["pkg:pypi/aadhaar-py@1.0.0","pkg:pypi/aadhaar-py@2.0.0","pkg:pypi/pillow@1.0","pkg:pypi/pillow@1.1","pkg:pypi/pillow@1.2","pkg:pypi/pillow@1.3","pkg:pypi/pillow@1.4","pkg:pypi/pillow@1.5","pkg:pypi/pillow@1.6","pkg:pypi/pillow@1.7.0","pkg:pypi/pillow@1.7.1","pkg:pypi/pillow@1.7.2","pkg:pypi/pillow@1.7.3","pkg:pypi/pillow@1.7.4","pkg:pypi/pillow@1.7.5","pkg:pypi/pillow@1.7.6","pkg:pypi/pillow@1.7.7","pkg:pypi/pillow@1.7.8","pkg:pypi/pillow@2.0.0","pkg:pypi/pillow@2.1.0","pkg:pypi/pillow@2.2.0","pkg:pypi/pillow@2.2.1","pkg:pypi/pillow@2.2.2","pkg:pypi/pillow@2.3.0","pkg:pypi/pillow@2.3.1","pkg:pypi/pillow@2.4.0","pkg:pypi/pillow@2.5.0","pkg:pypi/pillow@2.5.1","pkg:pypi/pillow@2.3.2","pkg:pypi/pillow@2.5.2","pkg:pypi/pillow@2.5.3","pkg:pypi/pillow@2.6.0","pkg:pypi/pillow@2.6.1","pkg:pypi/pillow@2.7.0","pkg:pypi/pillow@2.6.2","pkg:pypi/pillow@2.8.0","pkg:pypi/pillow@2.8.1","pkg:pypi/pillow@2.8.2","pkg:pypi/pillow@2.9.0","pkg:pypi/pillow@3.0.0","pkg:pypi/pillow@3.1.0.rc1","pkg:pypi/pillow@3.1.0rc1","pkg:pypi/pillow@3.1.0","pkg:pypi/pillow@3.1.1","pkg:pypi/pillow@3.1.2","pkg:pypi/pillow@3.2.0","pkg:pypi/pillow@3.3.0","pkg:pypi/pillow@3.3.1","pkg:pypi/pillow@3.3.2","pkg:pypi/pillow@3.4.0","pkg:pypi/pillow@3.3.3","pkg:pypi/pillow@3.4.1","pkg:pypi/pillow@3.4.2","pkg:pypi/pillow@4.0.0","pkg:pypi/pillow@4.1.0","pkg:pypi/pillow@4.1.1","pkg:pypi/pillow@4.2.0","pkg:pypi/pillow@4.2.1","pkg:pypi/pillow@4.3.0","pkg:pypi/pillow@5.0.0","pkg:pypi/pillow@5.1.0","pkg:pypi/pillow@5.2.0","pkg:pypi/pillow@5.3.0","pkg:pypi/pillow@5.4.0","pkg:pypi/pillow@5.4.0.dev0","pkg:pypi/pillow@5.4.1","pkg:pypi/pillow@6.0.0","pkg:pypi/pillow@6.1.0","pkg:pypi/pillow@6.2.0","pkg:pypi/pillow@6.2.1","pkg:pypi/pillow@6.2.2","pkg:pypi/pillow@7.0.0","pkg:pypi/pillow@7.1.0","pkg:pypi/pillow@7.1.1","pkg:pypi/pillow@7.1.2","pkg:pypi/pillow@7.2.0","pkg:pypi/pillow@8.0.0","pkg:pypi/pillow@8.0.1","pkg:pypi/pillow@8.1.0","pkg:pypi/pillow@8.1.1","pkg:pypi/pillow@8.1.2","pkg:pypi/pillow@8.2.0","pkg:pypi/pillow@8.3.0","pkg:pypi/pillow@8.3.1","pkg:pypi/pillow@8.3.2","pkg:pypi/pillow@8.4.0","pkg:pypi/nicegui@0.1.0","pkg:pypi/nicegui@0.1.4","pkg:pypi/nicegui@0.1.6","pkg:pypi/nicegui@0.2.0","pkg:pypi/nicegui@0.2.1","pkg:pypi/nicegui@0.2.2","pkg:pypi/nicegui@0.2.3","pkg:pypi/nicegui@0.2.4","pkg:pypi/nicegui@0.2.9","pkg:pypi/nicegui@0.2.10","pkg:pypi/nicegui@0.2.11","pkg:pypi/nicegui@0.2.12","pkg:pypi/nicegui@0.2.13","pkg:pypi/nicegui@0.2.14","pkg:pypi/nicegui@0.2.15","pkg:pypi/nicegui@0.3.0","pkg:pypi/nicegui@0.3.1","pkg:pypi/nicegui@0.3.2","pkg:pypi/nicegui@0.3.3","pkg:pypi/nicegui@0.3.4","pkg:pypi/nicegui@0.3.5","pkg:pypi/nicegui@0.3.6","pkg:pypi/nicegui@0.3.7","pkg:pypi/nicegui@0.3.8","pkg:pypi/nicegui@0.3.9","pkg:pypi/nicegui@0.4.0","pkg:pypi/nicegui@0.4.1","pkg:pypi/nicegui@0.4.2","pkg:pypi/nicegui@0.4.3","pkg:pypi/nicegui@0.4.4","pkg:pypi/nicegui@0.4.5","pkg:pypi/nicegui@0.4.6","pkg:pypi/nicegui@0.4.7","pkg:pypi/nicegui@0.4.8","pkg:pypi/nicegui@0.4.9","pkg:pypi/nicegui@0.4.10","pkg:pypi/nicegui@0.4.11","pkg:pypi/nicegui@0.4.12","pkg:pypi/nicegui@0.4.13","pkg:pypi/nicegui@0.4.14","pkg:pypi/nicegui@0.4.15","pkg:pypi/nicegui@0.5.0","pkg:pypi/nicegui@0.5.1","pkg:pypi/nicegui@0.5.2","pkg:pypi/nicegui@0.5.3","pkg:pypi/nicegui@0.5.4","pkg:pypi/nicegui@0.5.5","pkg:pypi/nicegui@0.5.6","pkg:pypi/nicegui@0.5.7","pkg:pypi/nicegui@0.5.8","pkg:pypi/nicegui@0.5.9","pkg:pypi/nicegui@0.5.10","pkg:pypi/nicegui@0.5.11","pkg:pypi/nicegui@0.5.12","pkg:pypi/nicegui@0.6.0","pkg:pypi/nicegui@0.6.1","pkg:pypi/nicegui@0.6.2","pkg:pypi/nicegui@0.6.3","pkg:pypi/nicegui@0.6.4","pkg:pypi/nicegui@0.6.5","pkg:pypi/nicegui@0.6.6","pkg:pypi/nicegui@0.6.7","pkg:pypi/nicegui@0.6.8","pkg:pypi/nicegui@0.6.9","pkg:pypi/nicegui@0.6.10","pkg:pypi/nicegui@0.6.11","pkg:pypi/nicegui@0.6.12","pkg:pypi/nicegui@0.6.13","pkg:pypi/nicegui@0.7.0","pkg:pypi/nicegui@0.7.1","pkg:pypi/pysstv@0.1.3","pkg:pypi/pysstv@0.1.4","pkg:pypi/pysstv@0.1.5","pkg:pypi/pysstv@0.1.6","pkg:pypi/pysstv@0.1.7","pkg:pypi/pysstv@0.1.8","pkg:pypi/pysstv@0.1.9","pkg:pypi/pysstv@0.2","pkg:pypi/pysstv@0.2.1","pkg:pypi/pysstv@0.2.2","pkg:pypi/pysstv@0.2.3","pkg:pypi/pysstv@0.2.4","pkg:pypi/pysstv@0.2.5","pkg:pypi/pysstv@0.2.6","pkg:pypi/pysstv@0.2.7","pkg:pypi/pysstv@0.2.8","pkg:pypi/pysstv@0.3","pkg:pypi/pysstv@0.3.1","pkg:pypi/pysstv@0.3.2","pkg:pypi/pysstv@0.4","pkg:pypi/pysstv@0.4.1","pkg:pypi/pysstv@0.4.3","pkg:pypi/pysstv@0.4.4","pkg:pypi/pysstv@0.5","pkg:pypi/pysstv@0.5.1","pkg:pypi/pysstv@0.5.2","pkg:pypi/pysstv@0.5.3","pkg:pypi/vpype@1.0.0","pkg:pypi/vpype@1.1.0","pkg:pypi/vpype@1.2.0","pkg:pypi/vpype@1.2.1","pkg:pypi/vpype@1.3.0","pkg:pypi/vpype@1.4.0","pkg:pypi/vpype@1.5.0","pkg:pypi/vpype@1.5.1","pkg:pypi/vpype@1.6.0","pkg:pypi/vpype@1.7.0","pkg:pypi/vpype@1.8.0","pkg:pypi/nautilus-trader@1.108.0","pkg:pypi/nautilus-trader@1.109.0","pkg:pypi/nautilus-trader@1.110.0","pkg:pypi/nautilus-trader@1.111.0","pkg:pypi/nautilus-trader@1.112.0","pkg:pypi/nautilus-trader@1.113.0","pkg:pypi/nautilus-trader@1.114.0","pkg:pypi/nautilus-trader@1.115.0","pkg:pypi/nautilus-trader@1.116.0","pkg:pypi/nautilus-trader@1.116.1","pkg:pypi/nautilus-trader@1.117.0","pkg:pypi/nautilus-trader@1.118.0","pkg:pypi/nautilus-trader@1.119.0","pkg:pypi/nautilus-trader@1.120.0","pkg:pypi/nautilus-trader@1.121.0","pkg:pypi/nautilus-trader@1.122.0","pkg:pypi/nautilus-trader@1.123.0","pkg:pypi/nautilus-trader@1.124.0","pkg:pypi/nautilus-trader@1.125.0","pkg:pypi/nautilus-trader@1.126.0","pkg:pypi/nautilus-trader@1.126.1","pkg:pypi/nautilus-trader@1.127.0","pkg:pypi/nautilus-trader@1.128.0","pkg:pypi/nautilus-trader@1.129.0","pkg:pypi/nautilus-trader@1.130.0","pkg:pypi/nautilus-trader@1.131.0","pkg:pypi/nautilus-trader@1.132.0","pkg:pypi/nautilus-trader@1.133.0","pkg:pypi/nautilus-trader@1.134.0","pkg:pypi/nautilus-trader@1.135.0","pkg:pypi/nautilus-trader@1.136.0","pkg:pypi/nautilus-trader@1.137.0","pkg:pypi/Pillow@1.0","pkg:pypi/Pillow@1.1","pkg:pypi/Pillow@1.2","pkg:pypi/Pillow@1.3","pkg:pypi/Pillow@1.4","pkg:pypi/Pillow@1.5","pkg:pypi/Pillow@1.6","pkg:pypi/Pillow@1.7.0","pkg:pypi/Pillow@1.7.1","pkg:pypi/Pillow@1.7.2","pkg:pypi/Pillow@1.7.3","pkg:pypi/Pillow@1.7.4","pkg:pypi/Pillow@1.7.5","pkg:pypi/Pillow@1.7.6","pkg:pypi/Pillow@1.7.7","pkg:pypi/Pillow@1.7.8","pkg:pypi/Pillow@2.0.0","pkg:pypi/Pillow@2.1.0","pkg:pypi/Pillow@2.2.0","pkg:pypi/Pillow@2.2.1","pkg:pypi/Pillow@2.2.2","pkg:pypi/Pillow@2.3.0","pkg:pypi/Pillow@2.3.1","pkg:pypi/Pillow@2.4.0","pkg:pypi/Pillow@2.5.0","pkg:pypi/Pillow@2.5.1","pkg:pypi/Pillow@2.3.2","pkg:pypi/Pillow@2.5.2","pkg:pypi/Pillow@2.5.3","pkg:pypi/Pillow@2.6.0","pkg:pypi/Pillow@2.6.1","pkg:pypi/Pillow@2.7.0","pkg:pypi/Pillow@2.6.2","pkg:pypi/Pillow@2.8.0","pkg:pypi/Pillow@2.8.1","pkg:pypi/Pillow@2.8.2","pkg:pypi/Pillow@2.9.0","pkg:pypi/Pillow@3.0.0","pkg:pypi/Pillow@3.1.0.rc1","pkg:pypi/Pillow@3.1.0rc1","pkg:pypi/Pillow@3.1.0","pkg:pypi/Pillow@3.1.1","pkg:pypi/Pillow@3.1.2","pkg:pypi/Pillow@3.2.0","pkg:pypi/Pillow@3.3.0","pkg:pypi/Pillow@3.3.1","pkg:pypi/Pillow@3.3.2","pkg:pypi/Pillow@3.4.0","pkg:pypi/Pillow@3.3.3","pkg:pypi/Pillow@3.4.1","pkg:pypi/Pillow@3.4.2","pkg:pypi/Pillow@4.0.0","pkg:pypi/Pillow@4.1.0","pkg:pypi/Pillow@4.1.1","pkg:pypi/Pillow@4.2.0","pkg:pypi/Pillow@4.2.1","pkg:pypi/Pillow@4.3.0","pkg:pypi/Pillow@5.0.0","pkg:pypi/Pillow@5.1.0","pkg:pypi/Pillow@5.2.0","pkg:pypi/Pillow@5.3.0","pkg:pypi/Pillow@5.4.0","pkg:pypi/Pillow@5.4.0.dev0","pkg:pypi/Pillow@5.4.1","pkg:pypi/Pillow@6.0.0","pkg:pypi/Pillow@6.1.0","pkg:pypi/Pillow@6.2.0","pkg:pypi/Pillow@6.2.1","pkg:pypi/Pillow@6.2.2","pkg:pypi/Pillow@7.0.0","pkg:pypi/Pillow@7.1.0","pkg:pypi/Pillow@7.1.1","pkg:pypi/Pillow@7.1.2","pkg:pypi/Pillow@7.2.0","pkg:pypi/Pillow@8.0.0","pkg:pypi/Pillow@8.0.1","pkg:pypi/Pillow@8.1.0","pkg:pypi/Pillow@8.1.1","pkg:pypi/Pillow@8.1.2","pkg:pypi/Pillow@8.2.0","pkg:pypi/Pillow@8.3.0","pkg:pypi/Pillow@8.3.1","pkg:pypi/Pillow@8.3.2","pkg:pypi/Pillow@8.4.0"],"base_cpe":"cpe:2.3:a:python:pillow","first_patched_purls":["pkg:pypi/Pillow@9.0.0"],"scoreCVSS2":7.5,"scoreCVSS3":9.8,"vectorCVSS2":"AV:N/AC:L/Au:N/C:P/I:P/A:P","vectorCVSS3":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cwe_ids":["CWE-665"],"severity":"HIGH","published_date":"2022-01-10","last_modified_date":"2022-01-25","description":"Pillow 9.0.0 includes a fix for CVE-2022-22815: path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling","references":["https://github.com/advisories/GHSA-pw3c-h7wp-cvhx","https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling","https://nvd.nist.gov/vuln/detail/CVE-2022-22815","https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331","https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html","https://www.debian.org/security/2022/dsa-5053"],"patch_links":[],"exploits":[],"patches":[]}