{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-27T18:06:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/python-pillow/Pillow/pull/4538"}, {"tags": ["x_refsource_MISC"], "url": "https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/python-pillow/Pillow/pull/4504"}, {"name": "FEDORA-2020-c52106e48a", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/"}, {"name": "FEDORA-2020-d0737711b6", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/"}, {"name": "USN-4430-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4430-1/"}, {"name": "USN-4430-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4430-2/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-11538", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html", "refsource": "MISC", "url": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html"}, {"name": "https://github.com/python-pillow/Pillow/pull/4538", "refsource": "MISC", "url": "https://github.com/python-pillow/Pillow/pull/4538"}, {"name": "https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html", "refsource": "MISC", "url": "https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html"}, {"name": "https://github.com/python-pillow/Pillow/pull/4504", "refsource": "MISC", "url": "https://github.com/python-pillow/Pillow/pull/4504"}, {"name": "FEDORA-2020-c52106e48a", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/"}, {"name": "FEDORA-2020-d0737711b6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/"}, {"name": "USN-4430-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4430-1/"}, {"name": "USN-4430-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4430-2/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:35:13.102Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/python-pillow/Pillow/pull/4538"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/python-pillow/Pillow/pull/4504"}, {"name": "FEDORA-2020-c52106e48a", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/"}, {"name": "FEDORA-2020-d0737711b6", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/"}, {"name": "USN-4430-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4430-1/"}, {"name": "USN-4430-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4430-2/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-11538", "datePublished": "2020-06-25T18:32:06", "dateReserved": "2020-04-04T00:00:00", "dateUpdated": "2024-08-04T11:35:13.102Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*", "matchCriteriaId": "58AD52C9-23AE-4A61-84B5-3B199CEEDFF5", "versionEndIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311."}, {"lang": "es", "value": "En la biblioteca libImaging/SgiRleDecode.c en Pillow versiones hasta 7.0.0, se presentan m\u00faltiples lecturas fuera de l\u00edmites en el an\u00e1lisis de archivos de imagen SGI, un problema diferente de CVE-2020-5311"}], "id": "CVE-2020-11538", "lastModified": "2023-11-07T03:14:58.977", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-25T19:15:12.537", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/python-pillow/Pillow/pull/4504"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/python-pillow/Pillow/pull/4538"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4430-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4430-2/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2020:3185", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "python-pillow-0:5.1.1-12.el8_2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-07-28T00:00:00Z"}, {"advisory": "RHSA-2020:3302", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "python-pillow-0:5.1.1-11.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-08-04T00:00:00Z"}, {"advisory": "RHSA-2020:3299", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "python-pillow-0:5.1.1-11.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-08-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/clair-rhel8:v3.4.0-25", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-bridge-operator-bundle:v3.4.0-3", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-bridge-operator-rhel8:v3.4.0-17", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-builder-qemu-rhcos-rhel8:v3.4.0-17", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-builder-rhel8:v3.4.0-18", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-container-security-operator-bundle:v3.4.0-2", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-container-security-operator-rhel8:v3.4.0-2", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-openshift-bridge-rhel8-operator:v3.4.0-17", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-operator-bundle:v3.4.0-89", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-operator-rhel8:v3.4.0-132", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0420", "cpe": "cpe:/a:redhat:quay:3::el8", "impact": "low", "package": "quay/quay-rhel8:v3.4.0-51", "product_name": "Red Hat Quay 3", "release_date": "2021-02-04T00:00:00Z"}], "bugzilla": {"description": "python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2", "id": "1852814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852814"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.", "An out-of-bounds read/write flaw was found in python-pillow, in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable. This flaw allows an attacker to crash the application or potentially execute code on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "name": "CVE-2020-11538", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "python-imaging", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "python-imaging", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "python-pillow", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2020-07-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-11538\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-11538"], "statement": "This issue did not affect the versions of python-pillow and python-imaging as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they did not include the SGI RLE image decoder, where the flaw lies.", "threat_severity": "Important", "upstream_fix": "python-pillow 7.1.0"}