Showing 1 - 2 of 2

CVE-2020-5310

Status Candidate

Overview

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.

Red Hat Security Advisory 2021-0420-01: Posted Feb 4, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0420-01 - Quay 3.4.0 release. Issues addressed include HTTP request smuggling, buffer overflow, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities.; tags | advisory, web, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2019-16785, CVE-2019-16786, CVE-2019-16789, CVE-2019-19911, CVE-2019-20477, CVE-2019-3866, CVE-2020-10177, CVE-2020-10378, CVE-2020-10379, CVE-2020-10994, CVE-2020-11538, CVE-2020-14040, CVE-2020-5310, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313, CVE-2020-8131; SHA-256 | fc1c021d43cf16f4b5a7a35f8b5247813c911163c4070cc206c22b06869fb2c6; Download | Favorite | View

Ubuntu Security Notice USN-4272-1: Posted Feb 7, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4272-1 - It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Pillow incorrectly handled certain TIFF images. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 19.10. Various other issues were also addressed.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-16865, CVE-2020-5310, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313; SHA-256 | a2d877c631b714e8902eee8ea0e5823efaabf23295ff8d2d0460d5627d440e10; Download | Favorite | View

Page 1 of 1 Back 1 Next