CVE-2021-25293

Public on 2021-03-19

Modified on 2023-05-05

Description

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

Severity

Medium

CVSS v3 Base Score

5.3

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory	Status
Amazon Linux 2 - Core	python-pillow			Not Affected
Amazon Linux 2023	python-pillow	2023-03-20	ALAS2023-2023-146	Fixed