| Max CVSS | 6.8 | Min CVSS | 5.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-35653 | 5.8 |
In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.
|
22-04-2022 - 18:54 | 12-01-2021 - 09:15 | |
| CVE-2020-35654 | 6.8 |
In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
|
22-03-2021 - 15:48 | 12-01-2021 - 09:15 | |
| CVE-2020-35655 | 5.8 |
In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
|
29-01-2021 - 00:46 | 12-01-2021 - 09:15 |