python2-pillow

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Python Imaging Library (PIL) fork.
Version 6.2.1-3 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-1439 6.2.1-3 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2020-35655 AVG-1439 Low No Denial of service
In python-pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over- read when decoding crafted SGI RLE image files because offsets and length tables are...
CVE-2020-35654 AVG-1439 Medium No Arbitrary code execution
In python-pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...
CVE-2020-35653 AVG-1439 Medium No Information disclosure
In python-pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for...