4.3
CVSSv2

CVE-2020-10177

Published: 25/06/2020 Updated: 08/08/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Pillow prior to 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

python pillow

python pillow 7.0.0

Github Repositories

CPython bytecode instrumentation and forkserver tools for fuzzing pure python and mixed python/c code using AFL

cpytraceafl CPython bytecode instrumentation and forkserver tools for fuzzing python code using AFL The tools in this repository enable coverage-guided fuzzing of pure python and mixed python/c code using American Fuzzy Lop (even better, AFL++) There are three main parts to this: A bytecode rewriter using a technique inspired by inspired by Ned Batchelder's "wicked