Pillow

python-pillow/Pillow

Fork 0

mirror of https://github.com/python-pillow/Pillow.git synced 2024-09-21 11:28:58 +03:00

Commit Graph

Author	SHA1	Message	Date
Eric Soroos	496245aa43	Fix BLP DOS -- CVE-2021-28678 * BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a DOS where the decoder could be run a large number of times on empty data * This dates to Pillow 5.1.0	2021-04-01 17:17:35 +03:00

Author

SHA1

Message

Date

Eric Soroos

496245aa43

Fix BLP DOS -- CVE-2021-28678

* BlpImagePlugin did not properly check that reads after jumping to
  file offsets returned data. This could lead to a DOS where the
  decoder could be run a large number of times on empty data
* This dates to Pillow 5.1.0

2021-04-01 17:17:35 +03:00

1 Commits