|Created||Tue Jan 12 10:01:10 2021|
|CVE-2020-35655||Low||No||Denial of service||
In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over- read when decoding crafted SGI RLE image files because offsets and length tables are...
|CVE-2020-35654||Medium||No||Arbitrary code execution||
In python-pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...
In python-pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...
python-pillow 7.0.0 dropped support for the end of life Python 2.7, so these issues are unlikely to be fixed in this legacy version of python-pillow, which is retained only for compatibility reasons.