CVE-2020-5313

Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5313.json

Aliases

• DLA-2057-1
• DSA-4631-1
• GHSA-hj69-c76v-86wr ( PYSEC-2020-84 )
• PYSEC-2020-84

Published

2020-01-03T01:15:00Z

Modified

2023-01-24T01:43:00Z

Details

libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.

References

• https://github.com/python-pillow/Pillow/commit/a09acd0decd8a87ccce939d5ff65dab59e7d365b
• https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A/
• https://usn.ubuntu.com/4272-1/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/
• https://www.debian.org/security/2020/dsa-4631