Date published: 2015-01-16T11:59:17.123-05:00
Date last modified: 2016-11-28T14:14:07.233-05:00
CVSS Score: 5.0
Principal attack vector: NETWORK
Reference URL: http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148442.html
Summary: Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.