PYSEC-2020-76

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c...

PYSEC-2020-76

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c...

PYSEC-2020-77

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

UBUNTU-CVE-2020-10177

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c...

PYSEC-2020-78

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

CVE-2020-10177

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c...

CVE-2020-11538

CVE-2020-11538 affects Pillow up to 7.0.0, with out-of-bounds reads in SGI image parsing (libImaging/SgiRleDecode.c). Connected sources confirm Pillow as the impacted product and outline the vulnerability class, but do not provide exploit details. The fix is in Pillow 7.1.0 and later; remediation...

CVE-2020-10994

CVE-2020-10994 affects Pillow, specifically in libImaging/Jpeg2KDecode.c. The vulnerability consists of multiple out-of-bounds reads when decoding JP2 files, as described in the CVE entry and corroborated by connected advisories. Affected versions are Pillow before 7.1.0; remediation is to upgrad...

CVE-2020-10994

In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file...

CVE-2020-10379

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

CVE-2020-10379

Summary: CVE-2020-10379 affects Pillow prior to 7.1.0, with two Buffer Overflows in libImaging/TiffDecode.c. This is documented in the CVE as a vulnerability with partial confidentiality, integrity, and availability impact (CVSS v3.1: 7.8, LOCAL, UI REQUIRED; CVSS v2: 6.8). The initial descriptio...

CVE-2020-10378

In Pillow, CVE-2020-10378 is an out-of-bounds read in the PCX decoding path. Specifically, in libImaging/PcxDecode.c, when reading PCX files, state->shuffle may be instructed to read beyond state->buffer, enabling an out-of-bounds access. This vulnerability is documented for Pillow releases...

CVE-2020-10378

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

CVE-2020-10378

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

PT-2020-12049 · Python Imaging Library +2 · Pillow +2

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.1.0 Pillow versions 7.x prior to 7.0.1 Pillow version 6.2.3 and earlier Description: The issue involves two Buffer Overflows in libImaging/TiffDecode.c. This affects Pillow, where the buffer overflows can occur due ...

EulerOS Virtualization for ARM 64 3.0.6.0 : python-pillow (EulerOS-SA-2020-1707)

According to the versions of the python-pillow package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.CVE-2020-5313 - libImaging/PcxDecode.c ...

Out-of-bounds Read in Pillow

libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow...

EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2020-1322)

According to the version of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.CVE-2020-5312 Note that Tenable Network Security has extracted...

Scientific Linux Security Update : python-imaging on SL6.x i386/x86_64 (20200318)

Security Fixes : - python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c CVE-2020-5312 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include"compat.inc"; if description scriptid134694; scriptversion"1.3";...

CVE-2020-5310

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...