CVE-2020-35654 log

Severity Medium
Remote No
Type Arbitrary code execution
In python-pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
Group Package Affected Fixed Severity Status Ticket
AVG-1439 python2-pillow 6.2.1-3 Medium Unknown
AVG-1438 python-pillow 8.0.1-3 8.1.0-1 Medium Fixed
Date Advisory Group Package Severity Type
12 Jan 2021 ASA-202101-11 AVG-1438 python-pillow Medium multiple issues