1 file changed +5 -5 lines changed
@@ -20,11 +20,11 @@ that could be used as a DOS attack.
2020:cve: `CVE-2021-25293 `: There is an out-of-bounds read in ``SgiRleDecode.c ``,
2121since Pillow 4.3.0.
2222
23- There is an exhaustion of memory DOS in the ICNS, ICO, and BLP
24- container formats where Pillow did not properly check the reported
25- size of the contained image. These images could cause arbitrarily
26- large memory allocations. This was reported by Jiayi Lin, Luke
27- Shaffer, Xinran Xie, and Akshay Ajayan of
23+ There is an exhaustion of memory DOS in the BLP ( :cve: ` CVE-2021-27921 `),
24+ ICNS ( :cve: ` CVE-2021-27922 `) and ICO ( :cve: ` CVE-2021-27923 `) container formats
25+ where Pillow did not properly check the reported size of the contained image.
26+ These images could cause arbitrarily large memory allocations. This was reported
27+ by Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan of
2828`Arizona State University <https://www.asu.edu/ >`_.
2929
3030
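Review bot: The rewritten paragraph (new lines 23-27) gives no affected-version range for CVE-2021-27921, CVE-2021-27922 or CVE-2021-27923, while the CVE-2021-25293 entry just above it states "since Pillow 4.3.0". Someone triaging an installed version against these release notes cannot tell from this text whether they are exposed, so consider adding the first affected release for each of the BLP, ICNS and ICO issues, or stating explicitly that it applies to all prior versions if that is the case. Folding three CVE ids into one sentence also makes each harder to find and link individually; one entry per CVE, in the same form as the CVE-2021-25293 entry, would keep the section consistent. The format order also changed from "ICNS, ICO, and BLP" to BLP, ICNS, ICO, so it is worth double-checking that each id is paired with the intended format.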