EPSS Percentile: 45.6%
Pillow is vulnerable to an out-of-bounds read. Missing checks for the end of the input buffer lead to an OOB read in SgiRleDecode.c.
SgiRleDecode.c
github.com/python-pillow/Pillow/blob/e563366863e2c112fd156595ab2669c6d8947c48/CHANGES.rst#811-2021-03-01
github.com/python-pillow/Pillow/commit/4853e522bddbec66022c0915b9a56255d0188bf9
pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
security.gentoo.org/glsa/202107-33