CVE-2020-10994
Out-of-bounds Read in pypi/Pillow
Identifiers
CVE-2020-10994
Package Slug
pypi/Pillow
Vulnerability
Out-of-bounds Read
Description
In libImaging/Jpeg2KDecode.c in Pillow, there are multiple out-of-bounds reads via a crafted JP2 file.
Affected Versions
All versions before 7.0.0
Solution
Upgrade to version 7.0.0 or above.
Last Modified
2020-07-03
| source |