In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2021-0182 | In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. |
![]() |
GHSA-hf64-x4gq-p99h | Pillow Out-of-bounds Read |
![]() |
USN-4697-1 | Pillow vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T17:09:14.831Z
Reserved: 2020-12-23T00:00:00
Link: CVE-2020-35655

No data.

Status : Modified
Published: 2021-01-12T09:15:13.967
Modified: 2024-11-21T05:27:46.460
Link: CVE-2020-35655


No data.