Search for packages
| purl | pkg:alpm/archlinux/python-pillow@8.0.1-3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6f35-8ga9-aaaa
Aliases: BIT-2020-35654 BIT-pillow-2020-35654 CVE-2020-35654 GHSA-vqcj-wrf2-7v73 PYSEC-2021-70 |
In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. |
Affected by 8 other vulnerabilities. |
|
VCID-74uz-4rc6-aaaj
Aliases: BIT-2020-35655 BIT-pillow-2020-35655 CVE-2020-35655 GHSA-hf64-x4gq-p99h PYSEC-2021-71 |
In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. |
Affected by 8 other vulnerabilities. |
|
VCID-ncsj-wt9v-aaah
Aliases: BIT-2020-35653 BIT-pillow-2020-35653 CVE-2020-35653 GHSA-f5g8-5qq7-938w PYSEC-2021-69 |
In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations. |
Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:46:46.402456+00:00 | Arch Linux Importer | Affected by | VCID-ncsj-wt9v-aaah | https://security.archlinux.org/AVG-1438 | 36.0.0 |
| 2025-03-28T07:46:46.368101+00:00 | Arch Linux Importer | Affected by | VCID-6f35-8ga9-aaaa | https://security.archlinux.org/AVG-1438 | 36.0.0 |
| 2025-03-28T07:46:46.334990+00:00 | Arch Linux Importer | Affected by | VCID-74uz-4rc6-aaaj | https://security.archlinux.org/AVG-1438 | 36.0.0 |
| 2024-10-17T07:47:45.414167+00:00 | Arch Linux Importer | Affected by | VCID-ncsj-wt9v-aaah | https://security.archlinux.org/AVG-1438 | 34.0.2 |
| 2024-10-17T07:47:45.386248+00:00 | Arch Linux Importer | Affected by | VCID-6f35-8ga9-aaaa | https://security.archlinux.org/AVG-1438 | 34.0.2 |
| 2024-10-17T07:47:45.355062+00:00 | Arch Linux Importer | Affected by | VCID-74uz-4rc6-aaaj | https://security.archlinux.org/AVG-1438 | 34.0.2 |
| 2024-09-18T02:02:07.316087+00:00 | Arch Linux Importer | Affected by | VCID-ncsj-wt9v-aaah | https://security.archlinux.org/AVG-1438 | 34.0.1 |
| 2024-09-18T02:02:07.294364+00:00 | Arch Linux Importer | Affected by | VCID-6f35-8ga9-aaaa | https://security.archlinux.org/AVG-1438 | 34.0.1 |
| 2024-09-18T02:02:07.272358+00:00 | Arch Linux Importer | Affected by | VCID-74uz-4rc6-aaaj | https://security.archlinux.org/AVG-1438 | 34.0.1 |
| 2024-04-23T19:47:33.925896+00:00 | Arch Linux Importer | Affected by | VCID-ncsj-wt9v-aaah | https://security.archlinux.org/AVG-1438 | 34.0.0rc4 |
| 2024-04-23T19:47:33.903884+00:00 | Arch Linux Importer | Affected by | VCID-6f35-8ga9-aaaa | https://security.archlinux.org/AVG-1438 | 34.0.0rc4 |
| 2024-04-23T19:47:33.880953+00:00 | Arch Linux Importer | Affected by | VCID-74uz-4rc6-aaaj | https://security.archlinux.org/AVG-1438 | 34.0.0rc4 |
| 2024-01-03T22:28:09.786092+00:00 | Arch Linux Importer | Affected by | VCID-ncsj-wt9v-aaah | https://security.archlinux.org/AVG-1438 | 34.0.0rc1 |
| 2024-01-03T22:28:09.761835+00:00 | Arch Linux Importer | Affected by | VCID-6f35-8ga9-aaaa | https://security.archlinux.org/AVG-1438 | 34.0.0rc1 |
| 2024-01-03T22:28:09.735433+00:00 | Arch Linux Importer | Affected by | VCID-74uz-4rc6-aaaj | https://security.archlinux.org/AVG-1438 | 34.0.0rc1 |