{
  "threat_severity" : "Moderate",
  "public_date" : "2022-01-02T00:00:00Z",
  "bugzilla" : {
    "description" : "python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c",
    "id" : "2042522",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042522"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-125",
  "details" : [ "path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.", "A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to gain unauthorized memory access, which causes memory access errors, incorrect results, or crashes." ],
  "statement" : "Red Hat Quay ships a vulnerable version of Pillow as a dependency of xhtml2pdf. The xhtml2pdf package is used in the invoice generation feature of Quay; however, the vulnerable ImagePath module is not used by xhtml2pdf. Therefore, the impact for Quay is rated Low.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2022-02-22T00:00:00Z",
    "advisory" : "RHSA-2022:0609",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "python-pillow-0:2.0.0-23.gitd1c6db8.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-02-22T00:00:00Z",
    "advisory" : "RHSA-2022:0643",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "python-pillow-0:5.1.1-18.el8_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
    "release_date" : "2022-02-24T00:00:00Z",
    "advisory" : "RHSA-2022:0669",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.1",
    "package" : "python-pillow-0:5.1.1-13.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support",
    "release_date" : "2022-02-24T00:00:00Z",
    "advisory" : "RHSA-2022:0667",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.2",
    "package" : "python-pillow-0:5.1.1-14.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2022-02-24T00:00:00Z",
    "advisory" : "RHSA-2022:0665",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.4",
    "package" : "python-pillow-0:5.1.1-14.el8_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Quay 3",
    "fix_state" : "Affected",
    "package_name" : "quay/quay-rhel8",
    "cpe" : "cpe:/a:redhat:quay:3",
    "impact" : "low"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-22816\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-22816\nhttps://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling" ],
  "name" : "CVE-2022-22816",
  "csaw" : false
}