osv Google OSV:GHSA-HF64-X4GQ-P99H
Mar 18, 2021 - 7:55 p.m.

Pillow Out-of-bounds Read

2021-03-18 19:55:34
Google
osv.dev
pillow
out-of-bounds read
sgirledecode
buffer over-read
crafted sgi rle
image files
mishandled
software

AI Score: 6.8
Confidence: High
EPSS: 0.001
Percentile: 44.9%

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.