The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.
Python
Privilege Escalation
Pillow
Python Imaging Library
NVD
GitHub
VulDB
CVSS 2.0
2.1
EPSS
0.1%
JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
Apache
Information Disclosure
Authentication Bypass
Jboss A Mq
Jboss Fuse
NVD
VulDB
CVSS 2.0
2.1
EPSS
0.1%