Lucene search

Out-of-bounds reads in Pillow

🗓️ 27 Jul 2020 21:39:52Reported by GitHub Advisory DatabaseType

Out-of-bounds reads in Pillow `libImaging/Jpeg2KDecode.c` before version 7.1.

Reporter	Title	Published	Views	Family All 43
OSV	BIT-pillow-2020-10994	6 Mar 202411:06	–	osv
OSV	Out-of-bounds reads in Pillow	27 Jul 202021:52	–	osv
OSV	PYSEC-2020-79	25 Jun 202019:15	–	osv
OSV	CVE-2020-10994	25 Jun 202019:15	–	osv
UbuntuCve	CVE-2020-10994	25 Jun 202000:00	–	ubuntucve
NVD	CVE-2020-10994	25 Jun 202019:15	–	nvd
RedhatCVE	CVE-2020-10994	1 Jul 202011:52	–	redhatcve
Cvelist	CVE-2020-10994	25 Jun 202018:26	–	cvelist
Tenable Nessus	RHEL 8 : python-pillow (Unpatched Vulnerability)	11 May 202400:00	–	nessus
Tenable Nessus	RHEL 8 : python-pillow (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus

Vulners

Node

python pillowRange<7.1.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-10994
github	www.github.com/python-pillow/Pillow/pull/4505
github	www.github.com/python-pillow/Pillow/pull/4538
github	www.github.com/python-pillow/Pillow/commit/ff60894d697d1992147b791101ad53a8bf1352e4
github	www.github.com/python-pillow/Pillow/blob/master/docs/releasenotes/7.1.0.rst
pillow	www.pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
snyk	www.snyk.io/vuln/SNYK-PYTHON-PILLOW-574575
github	www.github.com/advisories/GHSA-vj42-xq3r-hr3r
github	www.github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2020-79.yaml
github	www.github.com/python-pillow/Pillow/commits/master/src/libImaging

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jul 2020 21:52Current

5.8Medium risk

Vulners AI Score5.8

CVSS24.3

CVSS35.5

EPSS0.00098

CWE-125