5 matches found
CVE-2026-40494
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
The vulnerability in the libImaging/TgaRleDecode.c component of the Pillow image processing library allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the libImaging/TgaRleDecode.c component of the Pillow image processing library is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
GHSA-HR8G-F6R6-MR22 Buffer over-flow in Pillow
When reading a TGA file with RLE packets that cross scan lines, Pillow reads the information past the end of the first line without deducting that from the length of the remaining file data. This vulnerability was introduced in Pillow 9.1.0, and can cause a heap buffer overflow. Opening an image...
CVE-2022-30595
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files...
PYSEC-2022-43145
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files...