python pillow CVE-2019-19911 vulnerability in Python and Other Products
Published on January 5, 2020

There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python, this results in the process being terminated by the OOM killer.



Exploit Probability

EPSS: 0.97%
Percentile: 76.48%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.