Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-35655  

In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.

Source
Severity Low

Remote No

Type Denial of service

Description 

In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.

AVG-1439 python2-pillow 6.2.1-3 Medium Vulnerable

AVG-1438 python-pillow 8.0.1-3 8.1.0-1 Medium Fixed

12 Jan 2021 ASA-202101-11 AVG-1438 python-pillow Medium multiple issues 

https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
https://github.com/python-pillow/Pillow/pull/5173
https://github.com/python-pillow/Pillow/commit/7e95c63fa7f503f185d3d9eb16b9cee1e54d1e46
https://github.com/python-pillow/Pillow/commit/9a2c9f722f78773e608d44710873437baf3f17d1

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started