CVE-2020-35655 log

Severity Low
Remote No
Type Denial of service
In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
Group Package Affected Fixed Severity Status Ticket
AVG-1439 python2-pillow 6.2.1-3 Medium Unknown
AVG-1438 python-pillow 8.0.1-3 8.1.0-1 Medium Fixed
Date Advisory Group Package Severity Type
12 Jan 2021 ASA-202101-11 AVG-1438 python-pillow Medium multiple issues