[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-10177":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":28,"downstream":29,"duplicates":52,"related":53,"reserved_at":9,"published_at":59,"modified_at":60,"state":61,"summary":62,"references_raw":71,"kevs":220,"epss":221,"epss_history":224,"metrics":487,"affected":503},"CVE-2020-10177","Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[25,26,27],"GHSA-cqhg-xjhh-p8hf","BIT-pillow-2020-10177","PYSEC-2020-76",[],[30,32,34,36,38,40,42,44,46,48,50],{"_key":31},"SUSE-RU-2020:2161-1",{"_key":33},"SUSE-SU-2020:2057-1",{"_key":35},"SUSE-SU-2020:2911-1",{"_key":37},"SUSE-SU-2020:3309-1",{"_key":39},"UBUNTU-CVE-2020-10177",{"_key":41},"DLA-2317-1",{"_key":43},"MGASA-2020-0434",{"_key":45},"USN-4430-2",{"_key":47},"USN-4697-2",{"_key":49},"USN-4430-1",{"_key":51},"DEBIAN-CVE-2020-10177",[],[54,55,56,57,58],{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":43},"2020-06-25T18:33:15.000Z","2024-08-04T10:50:57.930Z","Modified",{"cisa_kev":63,"cisa_ransomware":63,"cisa_vendor":9,"epss_severity":64,"epss_score":65,"severity":66,"severity_score":67,"severity_version":68,"severity_source":69,"severity_vector":70,"severity_status":61},false,"low",0.00319,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",[72,81,87,92,96,102,106,112,116,122,127,131,135,139,143,147,151,155,159,163,167,171,175,179,183,187,191,195,199,204,208,212,216],{"url":73,"sources":74,"tags":77},"https://github.com/python-pillow/Pillow/commits/master/src/libImaging",[75,69,76],"cve.org","osv_pypi",[78,79,80],"X Refsource MISC","Broken Link","WEB",{"url":82,"sources":83,"tags":84},"https://github.com/python-pillow/Pillow/pull/4538",[75,69,76],[78,85,86,80],"Issue Tracking","Patch",{"url":88,"sources":89,"tags":90},"https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html",[75,69,76],[78,91,80],"Product",{"url":93,"sources":94,"tags":95},"https://github.com/python-pillow/Pillow/pull/4503",[75,69,76],[78,85,86,80],{"url":97,"sources":98,"tags":99},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/",[75,69],[100,101],"Vendor Advisory","X Refsource FEDORA",{"url":103,"sources":104,"tags":105},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/",[75,69],[100,101],{"url":107,"sources":108,"tags":109},"https://usn.ubuntu.com/4430-1/",[75,69,76],[100,110,111,80],"X Refsource UBUNTU","Third Party Advisory",{"url":113,"sources":114,"tags":115},"https://usn.ubuntu.com/4430-2/",[75,69,76],[100,110,111,80],{"url":117,"sources":118,"tags":119},"https://lists.debian.org/debian-lts-announce/2020/08/msg00012.html",[75,69,76],[120,121,111,80],"Mailing List","X Refsource MLIST",{"url":123,"sources":124,"tags":125},"https://nvd.nist.gov/vuln/detail/CVE-2020-10177",[76],[126],"Advisory",{"url":128,"sources":129,"tags":130},"https://github.com/python-pillow/Pillow/issues/4750",[76],[80],{"url":132,"sources":133,"tags":134},"https://github.com/python-pillow/Pillow/commit/f6926a041b4b544fd2ced3752542afb6c8c19405",[76],[80],{"url":136,"sources":137,"tags":138},"https://github.com/python-pillow/Pillow/commit/c88b0204d7c930e3bd72626ae6ea078571cc0ea7",[76],[80],{"url":140,"sources":141,"tags":142},"https://github.com/python-pillow/Pillow/commit/c66d8aa75436f334f686fe32bca8e414bcdd18e6",[76],[80],{"url":144,"sources":145,"tags":146},"https://github.com/python-pillow/Pillow/commit/c5edc361fd6450f805a6a444723b0f68190b1d0c",[76],[80],{"url":148,"sources":149,"tags":150},"https://github.com/python-pillow/Pillow/commit/b4e439d6d7fd986cd6b4c7f9ca18830d79dacd44",[76],[80],{"url":152,"sources":153,"tags":154},"https://github.com/python-pillow/Pillow/commit/8d4f3c0c5f2fecf175aeb895e9c2d6d06d85bdc9",[76],[80],{"url":156,"sources":157,"tags":158},"https://github.com/python-pillow/Pillow/commit/5b490fc413dfab2d52de46a58905c25d9badb650",[76],[80],{"url":160,"sources":161,"tags":162},"https://github.com/python-pillow/Pillow/commit/19ff42bd683486a8a308743c76972ef6a6482e9b",[76],[80],{"url":164,"sources":165,"tags":166},"https://github.com/python-pillow/Pillow/commit/11ef7ca53a7d0af4bc52666c29199deffa5fc1bd",[76],[80],{"url":168,"sources":169,"tags":170},"https://github.com/python-pillow/Pillow/commit/088ce4df981b70fbec140ee54417bcb49a7dffca",[76],[80],{"url":172,"sources":173,"tags":174},"https://github.com/python-pillow/Pillow/commit/00c6dd72d9ed0124cec81040b4bab0979a200fe2",[76],[80],{"url":176,"sources":177,"tags":178},"https://pillow.readthedocs.io/en/stable/releasenotes/6.2.3.html",[76],[80],{"url":180,"sources":181,"tags":182},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427",[76],[80],{"url":184,"sources":185,"tags":186},"https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574573",[76],[80],{"url":188,"sources":189,"tags":190},"https://usn.ubuntu.com/4430-1",[76],[80],{"url":192,"sources":193,"tags":194},"https://usn.ubuntu.com/4430-2",[76],[80],{"url":196,"sources":197,"tags":198},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD",[76],[80],{"url":200,"sources":201,"tags":202},"https://github.com/python-pillow/Pillow",[76],[203],"PACKAGE",{"url":205,"sources":206,"tags":207},"https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2020-76.yaml",[76],[80],{"url":209,"sources":210,"tags":211},"https://github.com/advisories/GHSA-cqhg-xjhh-p8hf",[76],[126],{"url":213,"sources":214,"tags":215},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/",[76],[80],{"url":217,"sources":218,"tags":219},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/",[76],[80],[],{"date":222,"score":65,"percentile":223},"2026-06-04",0.55266,[225,229,232,235,237,240,243,247,250,254,257,260,263,266,269,273,276,278,281,284,287,290,293,296,299,302,305,308,311,313,316,319,321,323,326,329,332,335,338,341,344,347,350,353,356,359,362,365,367,370,373,376,379,382,386,389,391,394,396,399,402,405,408,411,413,416,419,422,425,428,430,433,435,437,440,443,446,449,452,455,458,461,464,467,470,473,476,479,482,484],{"date":226,"score":227,"percentile":228},"2025-11-04",0.00308,0.53534,{"date":230,"score":227,"percentile":231},"2025-11-05",0.53494,{"date":233,"score":227,"percentile":234},"2025-11-06",0.5351,{"date":236,"score":227,"percentile":228},"2025-11-07",{"date":238,"score":227,"percentile":239},"2025-11-08",0.53535,{"date":241,"score":227,"percentile":242},"2025-11-09",0.53532,{"date":244,"score":245,"percentile":246},"2025-11-10",0.00433,0.61949,{"date":248,"score":245,"percentile":249},"2025-11-11",0.61962,{"date":251,"score":252,"percentile":253},"2025-11-12",0.0012,0.31683,{"date":255,"score":252,"percentile":256},"2025-11-13",0.31702,{"date":258,"score":252,"percentile":259},"2025-11-14",0.31705,{"date":261,"score":252,"percentile":262},"2025-11-15",0.31706,{"date":264,"score":252,"percentile":265},"2025-11-16",0.3167,{"date":267,"score":252,"percentile":268},"2025-11-17",0.31646,{"date":270,"score":271,"percentile":272},"2025-11-18",0.00326,0.5255,{"date":274,"score":271,"percentile":275},"2025-11-19",0.52563,{"date":277,"score":271,"percentile":272},"2025-11-20",{"date":279,"score":252,"percentile":280},"2025-11-21",0.31687,{"date":282,"score":252,"percentile":283},"2025-11-22",0.31692,{"date":285,"score":252,"percentile":286},"2025-11-23",0.31664,{"date":288,"score":252,"percentile":289},"2025-11-24",0.31641,{"date":291,"score":252,"percentile":292},"2025-11-25",0.31636,{"date":294,"score":252,"percentile":295},"2025-11-26",0.31638,{"date":297,"score":252,"percentile":298},"2025-11-27",0.31651,{"date":300,"score":252,"percentile":301},"2025-11-28",0.3163,{"date":303,"score":252,"percentile":304},"2025-11-29",0.31613,{"date":306,"score":252,"percentile":307},"2025-11-30",0.31593,{"date":309,"score":252,"percentile":310},"2025-12-01",0.31672,{"date":312,"score":252,"percentile":256},"2025-12-02",{"date":314,"score":252,"percentile":315},"2025-12-03",0.31701,{"date":317,"score":252,"percentile":318},"2025-12-04",0.31598,{"date":320,"score":252,"percentile":292},"2025-12-05",{"date":322,"score":252,"percentile":292},"2025-12-06",{"date":324,"score":252,"percentile":325},"2025-12-07",0.31608,{"date":327,"score":252,"percentile":328},"2025-12-08",0.31621,{"date":330,"score":252,"percentile":331},"2025-12-09",0.31673,{"date":333,"score":252,"percentile":334},"2025-12-10",0.31733,{"date":336,"score":252,"percentile":337},"2025-12-11",0.31767,{"date":339,"score":252,"percentile":340},"2025-12-12",0.31801,{"date":342,"score":252,"percentile":343},"2025-12-13",0.31788,{"date":345,"score":252,"percentile":346},"2025-12-14",0.31762,{"date":348,"score":252,"percentile":349},"2025-12-15",0.3171,{"date":351,"score":252,"percentile":352},"2025-12-16",0.31728,{"date":354,"score":252,"percentile":355},"2025-12-17",0.31779,{"date":357,"score":252,"percentile":358},"2025-12-18",0.31828,{"date":360,"score":252,"percentile":361},"2025-12-19",0.31854,{"date":363,"score":252,"percentile":364},"2025-12-20",0.31835,{"date":366,"score":252,"percentile":355},"2025-12-21",{"date":368,"score":252,"percentile":369},"2025-12-22",0.31747,{"date":371,"score":252,"percentile":372},"2025-12-23",0.31727,{"date":374,"score":252,"percentile":375},"2025-12-24",0.31721,{"date":377,"score":252,"percentile":378},"2025-12-25",0.31795,{"date":380,"score":252,"percentile":381},"2025-12-26",0.31781,{"date":383,"score":384,"percentile":385},"2025-12-27",0.001,0.2856,{"date":387,"score":252,"percentile":388},"2025-12-28",0.31716,{"date":390,"score":252,"percentile":253},"2025-12-29",{"date":392,"score":252,"percentile":393},"2025-12-30",0.31677,{"date":395,"score":252,"percentile":372},"2025-12-31",{"date":397,"score":252,"percentile":398},"2026-01-01",0.3187,{"date":400,"score":252,"percentile":401},"2026-01-02",0.31859,{"date":403,"score":252,"percentile":404},"2026-01-03",0.31839,{"date":406,"score":252,"percentile":407},"2026-01-04",0.317,{"date":409,"score":252,"percentile":410},"2026-01-05",0.31688,{"date":412,"score":252,"percentile":315},"2026-01-06",{"date":414,"score":252,"percentile":415},"2026-01-07",0.31724,{"date":417,"score":252,"percentile":418},"2026-01-08",0.31751,{"date":420,"score":252,"percentile":421},"2026-01-09",0.31746,{"date":423,"score":252,"percentile":424},"2026-01-10",0.31749,{"date":426,"score":252,"percentile":427},"2026-01-11",0.31714,{"date":429,"score":252,"percentile":289},"2026-01-12",{"date":431,"score":252,"percentile":432},"2026-01-13",0.31628,{"date":434,"score":252,"percentile":310},"2026-01-14",{"date":436,"score":252,"percentile":265},"2026-01-15",{"date":438,"score":252,"percentile":439},"2026-01-16",0.31694,{"date":441,"score":252,"percentile":442},"2026-01-17",0.3169,{"date":444,"score":252,"percentile":445},"2026-01-18",0.31635,{"date":447,"score":252,"percentile":448},"2026-01-19",0.31601,{"date":450,"score":252,"percentile":451},"2026-01-20",0.31586,{"date":453,"score":252,"percentile":454},"2026-01-21",0.31536,{"date":456,"score":252,"percentile":457},"2026-01-22",0.31512,{"date":459,"score":252,"percentile":460},"2026-01-23",0.31576,{"date":462,"score":252,"percentile":463},"2026-01-24",0.31589,{"date":465,"score":252,"percentile":466},"2026-01-25",0.31519,{"date":468,"score":252,"percentile":469},"2026-01-26",0.31428,{"date":471,"score":252,"percentile":472},"2026-01-27",0.31415,{"date":474,"score":252,"percentile":475},"2026-01-28",0.3139,{"date":477,"score":252,"percentile":478},"2026-01-29",0.31345,{"date":480,"score":252,"percentile":481},"2026-01-30",0.31332,{"date":483,"score":252,"percentile":478},"2026-01-31",{"date":485,"score":252,"percentile":486},"2026-02-01",0.3143,[488,498],{"source":69,"cvss_v2_0":489,"cvss_v3_0":9,"cvss_v3_1":494,"cvss_v4_0":9},{"baseScore":490,"baseSeverity":9,"vectorString":491,"impactScore":492,"exploitabilityScore":493},4.3,"AV:N/AC:M/Au:N/C:P/I:N/A:N",2.9,8.6,{"baseScore":67,"baseSeverity":495,"vectorString":70,"impactScore":496,"exploitabilityScore":497},"MEDIUM",6,4.6,{"source":76,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":499,"cvss_v4_0":500},{"baseScore":67,"baseSeverity":9,"vectorString":70,"impactScore":496,"exploitabilityScore":497},{"baseScore":501,"baseSeverity":9,"vectorString":502,"impactScore":9,"exploitabilityScore":9},7.1,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",[504,517,524,532,543],{"ecosystem":9,"name":505,"vendor":506,"product":507,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"ubuntu linux","canonical","ubuntu_linux","o",[510,513,515],{"version":511,"is_range":63,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04","cpe",{"version":514,"is_range":63,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":516,"is_range":63,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.04",{"ecosystem":9,"name":518,"vendor":519,"product":520,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":521},"debian linux","debian","debian_linux",[522],{"version":523,"is_range":63,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":525,"vendor":526,"product":525,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":527},"fedora","fedoraproject",[528,530],{"version":529,"is_range":63,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31",{"version":531,"is_range":63,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"32",{"ecosystem":533,"name":534,"vendor":533,"product":534,"cpe_part":9,"purl_type":535,"purl_namespace":9,"purl_name":534,"source":9,"versions":536},"PyPI","pillow","pypi",[537],{"version":538,"is_range":539,"range_type":540,"version_start":9,"version_start_type":9,"version_end":541,"version_end_type":542,"fixed_in":9},"lt7_1_0",true,"ecosystem","7.1.0","excluding",{"ecosystem":9,"name":534,"vendor":544,"product":534,"cpe_part":545,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":546},"python","a",[547],{"version":548,"is_range":539,"range_type":512,"version_start":9,"version_start_type":9,"version_end":541,"version_end_type":542,"fixed_in":9},"lt7.1.0"]