CVSS 3.1 Score 7.5 of 10 (high)


Published Nov 3, 2023
Updated: Mar 22, 2024
CWE ID 770


CVE-2023-44271 is a Denial of Service vulnerability discovered in Pillow before version 10.0.0. It affects multiple products, including iL0s5a, jJiR8B, jJiR8A, and others. The vulnerability allows an attacker to allocate excessive memory, potentially causing a service to crash due to running out of memory. To remediate the issue, it is recommended to update Pillow to version 10.0.0 or later. This vulnerability poses a high danger to organizations as it can lead to service disruptions and potential exploitation by attackers with network access.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44271 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options