Lucene search
Veracode Vulnerability DatabaseVERACODE:25770HistoryJun 26, 2020 - 3:28 a.m.
Denial Of Service (DoS)
2020-06-2603:28:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
0.012 Low
EPSS
Percentile
85.6%
pillow is vulnerable to denial of service. An out-of-bounds read occurs when parsing SGI image files. An attacker is able to crash the application by submitting a malicious SGI image.
References
github.com/python-pillow/Pillow/pull/4504
github.com/python-pillow/Pillow/pull/4538
lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
pillow.readthedocs.io/en/stable/releasenotes/index.html
usn.ubuntu.com/4430-1/
usn.ubuntu.com/4430-2/
Related
redhatcve
redhatcve
CVE-2020-11538
2020-07-01 11:20:51
nessus
nessus
RHEL 8 : python-pillow (RHSA-2020:3302)
2020-08-04 00:00:00
RHEL 8 : python-pillow (RHSA-2020:3299)
2020-08-04 00:00:00
RHEL 8 : python-pillow (RHSA-2020:3185)
2020-07-28 00:00:00
redhat
redhat
(RHSA-2020:3299) Important: python-pillow security update
2020-08-04 07:13:18
(RHSA-2020:3302) Important: python-pillow security update
2020-08-04 10:18:31
(RHSA-2020:3185) Important: python-pillow security update
2020-07-28 13:17:06
osv
osv
PYSEC-2020-80
2020-06-25 19:15:00
BIT-pillow-2020-11538
2024-03-06 11:06:47
Important: python-pillow security update
2020-07-28 13:17:06
almalinux
almalinux
Important: python-pillow security update
2020-07-28 13:17:06
prion
prion
Out-of-bounds
2020-06-25 19:15:00
github
github
Out-of-bounds read in Pillow
2020-07-27 21:52:36
cve
cve
CVE-2020-11538
2020-06-25 19:15:12
nvd
nvd
CVE-2020-11538
2020-06-25 19:15:12
rocky
rocky
python-pillow security update
2020-07-28 13:17:06
ubuntucve
ubuntucve
CVE-2020-11538
2020-06-25 00:00:00
debiancve
debiancve
CVE-2020-11538
2020-06-25 19:15:12
cvelist
cvelist
CVE-2020-11538
2020-06-25 18:32:06
oraclelinux
oraclelinux
python-pillow security update
2020-07-29 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-2024)
2020-09-29 00:00:00
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1877)
2020-08-31 00:00:00
Mageia: Security Advisory (MGASA-2020-0434)
2022-01-28 00:00:00
ubuntu
ubuntu
Pillow vulnerabilities
2020-07-22 00:00:00
Pillow vulnerabilities
2020-07-23 00:00:00
mageia
mageia
Updated python-pillow packages fix security vulnerabilities
2020-11-23 22:51:37
fedora
fedora
[SECURITY] Fedora 32 Update: python-pillow-7.0.0-4.fc32
2020-07-04 01:14:29
[SECURITY] Fedora 31 Update: python-pillow-6.2.2-3.fc31
2020-07-10 01:02:19
rosalinux
rosalinux
Advisory ROSA-SA-2021-1957
2021-07-02 18:03:40