CVE-2020-35655 – In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted S …

Vuln ID: CVE-2020-35655

Published:  2021-01-12  09:15:13Z

Description: In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.

Source: NVD.NIST.GOV