Vulnerabilities > Python > Pillow > 5.4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-25 | CVE-2020-10378 | Out-of-bounds Read vulnerability in multiple products In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer. | 5.5 |
| 2020-06-25 | CVE-2020-10177 | Out-of-bounds Read vulnerability in multiple products Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. | 5.5 |
| 2020-01-05 | CVE-2019-19911 | Integer Overflow or Wraparound vulnerability in multiple products There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. | 7.5 |
| 2020-01-03 | CVE-2020-5313 | Out-of-bounds Read vulnerability in multiple products libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. | 7.1 |
| 2020-01-03 | CVE-2020-5312 | Classic Buffer Overflow vulnerability in multiple products libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. | 9.8 |
| 2020-01-03 | CVE-2020-5311 | Classic Buffer Overflow vulnerability in multiple products libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. | 9.8 |
| 2020-01-03 | CVE-2020-5310 | Integer Overflow or Wraparound vulnerability in multiple products libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. | 8.8 |
| 2019-10-04 | CVE-2019-16865 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Pillow before 6.2.0. | 7.5 |