CVE-2022-24303 Pillow before version 9.0.1 allows attackers to delete files if spaces are mishandled.
An attacker can leverage this flaw to access or alter files on the system. This issue was addressed by avoiding the use of spaces in temporary pathnames.
Files such as .bashrc, .git, .nginx, .emacs, .bash_log, .mysql, .vim, .log, .git_repository or .gitignore could be deleted from the system. An attacker can leverage this issue to delete arbitrary files on the system.
Timeline
Published on: 03/28/2022 02:15:00 UTC
Last modified on: 04/26/2022 15:35:00 UTC
References
- https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security
- https://github.com/python-pillow/Pillow/pull/3450
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W4ZUXPKEX72O3E5IHBPVY5ZCPMJ4GHHV/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XR6UP2XONXOVXI4446VY72R63YRO2YTP/
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24303