CVE-2020-11538

Out-of-bounds Read in pypi/Pillow

Identifiers

CVE-2020-11538

Package Slug

pypi/Pillow

Vulnerability

Out-of-bounds Read

Description

In libImaging/SgiRleDecode.c in Pillow, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

Affected Versions

All versions up to 7.0.0

Solution

Upgrade to version 7.1.0 or above.

Last Modified

2020-07-03
