Product:

Pillow

(Python)
Date Id Summary Products Score Patch Annotated
2020-01-03 CVE-2020-5310 libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. Ubuntu_linux, Fedora, Pillow 8.8
2020-01-03 CVE-2020-5311 libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. Ubuntu_linux, Debian_linux, Fedora, Pillow 9.8
2020-01-03 CVE-2020-5312 libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. Ubuntu_linux, Debian_linux, Fedora, Pillow 9.8
2020-01-03 CVE-2020-5313 libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. Ubuntu_linux, Debian_linux, Fedora, Pillow 7.1
2021-01-12 CVE-2020-35653 In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations. Debian_linux, Fedora, Pillow 7.1
2021-01-12 CVE-2020-35654 In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. Fedora, Pillow 8.8
2021-01-12 CVE-2020-35655 In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. Fedora, Pillow 5.4
2021-03-03 CVE-2021-27921 Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large. Fedora, Pillow 7.5
2021-03-03 CVE-2021-27922 Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large. Fedora, Pillow 7.5
2021-03-03 CVE-2021-27923 Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large. Fedora, Pillow 7.5