Note
More information about this vulnerability included in database record 2021-25289
The previous fix for 2020-35654
was insufficient due to incorrect error checking in TiffDecode.c
.
Note
More information about this vulnerability included in database record 2021-25290
In TiffDecode.c
, there is a negative-offset memcpy
with an invalid size.
Note
More information about this vulnerability included in database record 2021-25291
In TiffDecode.c
, invalid tile boundaries could lead to an out-of-bounds read in TIFFReadRGBATile
.
Note
More information about this vulnerability included in database record 2021-25292
:
The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack.
Note
More information about this vulnerability included in database record 2021-25293
There is an out-of-bounds read in SgiRleDecode.c
since Pillow 4.3.0.
A crash with the feature flags for libimagequant, libjpeg-turbo, WebP and XCB on unreleased Python 3.10 has been fixed (5193
).