CVE-2020-11538

Опубликовано: 25 июн. 2020

Источник: debian

Описание

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pillow	fixed	7.2.0-1		package
pillow	fixed	5.4.1-2+deb10u2	buster	package
pillow	not-affected		stretch	package

Примечания

https://github.com/python-pillow/Pillow/pull/4504
https://github.com/python-pillow/Pillow/pull/4538

Связанные уязвимости

CVE-2020-11538

CVSS3: 8.1

ubuntu

больше 5 лет назад

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

CVE-2020-11538

CVSS3: 8.1

redhat

больше 5 лет назад

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

CVE-2020-11538

CVSS3: 8.1

nvd

больше 5 лет назад

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

GHSA-43fq-w8qq-v88h

CVSS3: 8.1

github

больше 5 лет назад

Out-of-bounds read in Pillow

RLSA-2020:3185

rocky

больше 5 лет назад

Important: python-pillow security update