All vulnerabilities

CVE-2021-25290

Out-of-bounds Write in Pillow

Description

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Score
7.5
Severity
High
Ecosystem
Python
Publish Date
March 19, 2021
Modified Date
December 5, 2023
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Versions