Lucene search

K
cvelistMitreCVELIST:CVE-2021-25289
HistoryMar 19, 2021 - 3:29 a.m.

CVE-2021-25289

2021-03-1903:29:48
mitre
www.cve.org

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.7%

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.