GHSA-77gc-v2xv-rvvh

Опубликовано: 08 июн. 2021

Источник: github

Github: Прошло ревью

CVSS4: 8.8

CVSS3: 9.1

Описание

Out-of-bounds Read in Pillow

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

Ссылки

Пакеты

Наименование

pillow

pip

Затронутые версииВерсия исправления

>= 2.4.0, < 8.2.0

8.2.0

EPSS

Процентиль: 57%

0.00343

Низкий

8.8 High

CVSS4

9.1 Critical

CVSS3

CVE ID

CVE-2021-25287

Дефекты

CWE-125

Связанные уязвимости

CVE-2021-25287

CVSS3: 9.1

ubuntu

почти 5 лет назад

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

CVE-2021-25287

CVSS3: 9.1

redhat

около 5 лет назад

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

CVE-2021-25287

CVSS3: 9.1

nvd

почти 5 лет назад

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

CVE-2021-25287

CVSS3: 9.1

debian

почти 5 лет назад

An issue was discovered in Pillow before 8.2.0. There is an out-of-bou ...

SUSE-SU-2024:1607-1

suse-cvrf

почти 2 года назад

Security update for python-Pillow

EPSS

Процентиль: 57%

0.00343

Низкий

8.8 High

CVSS4

9.1 Critical

CVSS3

CVE ID

CVE-2021-25287

Дефекты

CWE-125