In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
References
Configurations
History
07 Nov 2023, 03:22
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
29 Jan 2021, 00:46
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE/ - Mailing List, Third Party Advisory | |
References | (MISC) https://pillow.readthedocs.io/en/stable/releasenotes/index.html - Release Notes, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
26 Jan 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jan 2021, 20:05
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 5.4 |
12 Jan 2021, 13:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:* | |
References | (MISC) https://pillow.readthedocs.io/en/stable/releasenotes/index.html - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 8.1 |
CWE | CWE-125 |
12 Jan 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-12 09:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-35655
Mitre link : CVE-2020-35655
CVE.ORG link : CVE-2020-35655
JSON object : View
Products Affected
python
- pillow
fedoraproject
- fedora
CWE
CWE-125
Out-of-bounds Read