Skip to main content
CVE-2020-5312 CRITICAL PATCH Act Now

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Pillow Ubuntu Linux Debian Linux Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
3.7%
CVE-2020-5311 CRITICAL PATCH Act Now

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Pillow Ubuntu Linux Debian Linux Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
4.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy