Lucene search

Out of bounds read in Pillow

🗓️ 29 Mar 2021 16:57:35Reported by GitHub Advisory DatabaseType

Out of bounds read in Pillow. Issue in TiffDecode.

Reporter	Title	Published	Views	Family All 45
UbuntuCve	CVE-2021-25291	3 Mar 202100:00	–	ubuntucve
Debian CVE	CVE-2021-25291	19 Mar 202104:15	–	debiancve
OSV	CVE-2021-25291	19 Mar 202104:15	–	osv
OSV	BIT-pillow-2021-25291	6 Mar 202411:04	–	osv
OSV	PYSEC-2021-37	19 Mar 202104:15	–	osv
OSV	Out of bounds read in Pillow	29 Mar 202116:35	–	osv
OSV	pillow vulnerabilities	11 Mar 202114:56	–	osv
OSV	OPENSUSE-SU-2024:11209-1 python36-Pillow-8.3.2-1.2 on GA media	15 Jun 202400:00	–	osv
OSV	OPENSUSE-SU-2024:13827-1 python310-Pillow-10.3.0-1.1 on GA media	15 Jun 202400:00	–	osv
CNVD	Pillow Buffer Overflow Vulnerability (CNVD-2021-54036)	8 Mar 202100:00	–	cnvd

Vulners

Node

python pillowRange<8.2.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-25291
github	www.github.com/python-pillow/Pillow/commit/cbdce6c5d054fccaf4af34b47f212355c64ace7a
pillow	www.pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
security	www.security.gentoo.org/glsa/202107-33
github	www.github.com/python-pillow/Pillow/commit/8b8076bdcb3815be0ef0d279651d8d1342b8ea61
github	www.github.com/advisories/GHSA-mvg9-xffr-p774
github	www.github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2021-37.yaml

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Mar 2021 16:35Current

7.9High risk

Vulners AI Score7.9

CVSS25

CVSS37.5

EPSS0.00105

CWE-125