In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade pillow
to version 9.3.0 or higher.
Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast due to improper data type handling for BLP1 image data with JPEG compression. When decoding this data in the incorrect mode (BGRX
instead of CMYK
), the library may misinterpret the format, leading to a segmentation fault.