Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-25291

Опубликовано: 19 мар. 2021
Источник: debian

Описание

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
pillowfixed8.1.1-1package
pillownot-affectedbusterpackage
pillownot-affectedstretchpackage

Примечания

  • https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html

  • https://github.com/python-pillow/Pillow/commit/8b8076bdcb3815be0ef0d279651d8d1342b8ea61

  • Introduced in: https://github.com/python-pillow/Pillow/commit/e91b851fdc1c914419543f485bdbaa010790719f (6.0.0)

Связанные уязвимости

ubuntu логотип

CVE-2021-25291

CVSS3: 7.5
ubuntu
почти 5 лет назад

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.

redhat логотип

CVE-2021-25291

CVSS3: 7.5
redhat
почти 5 лет назад

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.

nvd логотип

CVE-2021-25291

CVSS3: 7.5
nvd
почти 5 лет назад

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.

github логотип

GHSA-mvg9-xffr-p774

CVSS3: 7.5
github
почти 5 лет назад

Out of bounds read in Pillow

suse-cvrf логотип

openSUSE-SU-2021:1134-1

suse-cvrf
больше 4 лет назад

Security update for python-CairoSVG, python-Pillow