6.8
CVSSv2

CVE-2020-10379

Published: 25/06/2020 Updated: 27/07/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

In Pillow prior to 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

python pillow

python pillow 7.0.0

Github Repositories

CPython bytecode instrumentation and forkserver tools for fuzzing pure python and mixed python/c code using AFL

cpytraceafl CPython bytecode instrumentation and forkserver tools for fuzzing python code using AFL The tools in this repository enable coverage-guided fuzzing of pure python and mixed python/c code using American Fuzzy Lop (even better, AFL++) There are three main parts to this: A bytecode rewriter using a technique inspired by inspired by Ned Batchelder's "wicked