| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Denial of service |
|
| Description |
| + |
In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. |
|
| References |
| + |
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security |
| + |
https://github.com/python-pillow/Pillow/pull/5173 |
| + |
https://github.com/python-pillow/Pillow/commit/7e95c63fa7f503f185d3d9eb16b9cee1e54d1e46 |
| + |
https://github.com/python-pillow/Pillow/commit/9a2c9f722f78773e608d44710873437baf3f17d1 |
|
| Notes |
|