python2-pillow
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Python Imaging Library (PIL) fork. |
| Version | 6.2.1-3 [community] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1439 | 6.2.1-3 | Medium | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-35655 | AVG-1439 | Low | No | Denial of service | In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over- read when decoding crafted SGI RLE image files because offsets and length tables are... |
| CVE-2020-35654 | AVG-1439 | Medium | No | Arbitrary code execution | In python-pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts... |
| CVE-2020-35653 | AVG-1439 | Medium | No | Information disclosure | In python-pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for... |