CVE-2020-5311

Public on 2020-01-03
Modified on 2023-06-27
Description
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
Severity
Critical severity
Critical
CVSS v3 Base Score
9.8
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Core python-pillow Not Affected
Amazon Linux 2023 python-pillow Not Affected

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD CVSSv2 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P
NVD CVSSv3 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Red Hat: CVE-2020-5311 Mitre: CVE-2020-5311