In Pillow prior to 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python pillow |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |