[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-5310":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":37,"related":38,"reserved_at":9,"published_at":40,"modified_at":41,"state":42,"summary":43,"references_raw":52,"kevs":126,"epss":127,"epss_history":130,"metrics":391,"affected":407},"CVE-2020-5310","libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],[],[26,27,28],"GHSA-vcqg-3p29-xw73","BIT-pillow-2020-5310","PYSEC-2020-81",[],[31,33,35],{"_key":32},"ALPINE-CVE-2020-5310",{"_key":34},"MGASA-2020-0088",{"_key":36},"DEBIAN-CVE-2020-5310",[],[39],{"_key":34},"2020-01-03T00:52:55.000Z","2024-08-04T08:22:09.147Z","Modified",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":45,"epss_score":46,"severity":47,"severity_score":48,"severity_version":49,"severity_source":50,"severity_vector":51,"severity_status":42},false,"low",0.00608,"high",8.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[53,63,69,75,80,84,89,93,97,101,106,110,114,118,122],{"url":54,"sources":55,"tags":58},"https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html",[56,50,57],"cve.org","osv_pypi",[59,60,61,62],"X Refsource MISC","Release Notes","Third Party Advisory","WEB",{"url":64,"sources":65,"tags":66},"https://github.com/python-pillow/Pillow/commit/4e2def2539ec13e53a82e06c4b3daf00454100c4",[56,50,57],[59,67,61,62,68],"Patch","FIX",{"url":70,"sources":71,"tags":72},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A/",[56,50],[73,74],"Vendor Advisory","X Refsource FEDORA",{"url":76,"sources":77,"tags":78},"https://usn.ubuntu.com/4272-1/",[56,50,57],[73,79,61,62],"X Refsource UBUNTU",{"url":81,"sources":82,"tags":83},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/",[56,50],[73,74],{"url":85,"sources":86,"tags":87},"https://nvd.nist.gov/vuln/detail/CVE-2020-5310",[57],[88],"Advisory",{"url":90,"sources":91,"tags":92},"https://github.com/advisories/GHSA-vcqg-3p29-xw73",[57],[88],{"url":94,"sources":95,"tags":96},"https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2020-81.yaml",[57],[62],{"url":98,"sources":99,"tags":100},"https://github.com/pypa/advisory-db/blob/7872b0a91b4d980f749e6d75a81f8cc1af32829f/vulns/pillow/PYSEC-2020-81.yaml",[57],[62],{"url":102,"sources":103,"tags":104},"https://github.com/python-pillow/Pillow",[57],[105],"PACKAGE",{"url":107,"sources":108,"tags":109},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A",[57],[62],{"url":111,"sources":112,"tags":113},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P",[57],[62],{"url":115,"sources":116,"tags":117},"https://usn.ubuntu.com/4272-1",[57],[62],{"url":119,"sources":120,"tags":121},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A/",[57],[62],{"url":123,"sources":124,"tags":125},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/",[57],[62],[],{"date":128,"score":46,"percentile":129},"2026-06-04",0.7008,[131,135,138,141,144,146,149,152,154,157,160,163,166,169,171,175,178,181,184,187,190,193,196,199,202,205,208,210,213,216,219,222,224,226,229,231,234,237,240,243,246,249,252,255,257,260,263,266,269,272,275,278,281,284,288,290,293,296,299,302,305,308,311,314,316,319,322,325,328,331,334,336,339,342,345,348,351,354,356,359,362,365,368,371,374,376,379,382,385,388],{"date":132,"score":133,"percentile":134},"2025-11-04",0.00611,0.68955,{"date":136,"score":133,"percentile":137},"2025-11-05",0.68941,{"date":139,"score":133,"percentile":140},"2025-11-06",0.68939,{"date":142,"score":133,"percentile":143},"2025-11-07",0.68952,{"date":145,"score":133,"percentile":143},"2025-11-08",{"date":147,"score":133,"percentile":148},"2025-11-09",0.68942,{"date":150,"score":133,"percentile":151},"2025-11-10",0.68933,{"date":153,"score":133,"percentile":137},"2025-11-11",{"date":155,"score":133,"percentile":156},"2025-11-12",0.68964,{"date":158,"score":133,"percentile":159},"2025-11-13",0.68972,{"date":161,"score":133,"percentile":162},"2025-11-14",0.6898,{"date":164,"score":133,"percentile":165},"2025-11-15",0.68977,{"date":167,"score":133,"percentile":168},"2025-11-16",0.68974,{"date":170,"score":133,"percentile":159},"2025-11-17",{"date":172,"score":173,"percentile":174},"2025-11-18",0.00511,0.63835,{"date":176,"score":173,"percentile":177},"2025-11-19",0.63847,{"date":179,"score":173,"percentile":180},"2025-11-20",0.63848,{"date":182,"score":133,"percentile":183},"2025-11-21",0.6899,{"date":185,"score":133,"percentile":186},"2025-11-22",0.68986,{"date":188,"score":133,"percentile":189},"2025-11-23",0.68976,{"date":191,"score":133,"percentile":192},"2025-11-24",0.68965,{"date":194,"score":133,"percentile":195},"2025-11-25",0.68971,{"date":197,"score":133,"percentile":198},"2025-11-26",0.68978,{"date":200,"score":133,"percentile":201},"2025-11-27",0.68981,{"date":203,"score":133,"percentile":204},"2025-11-28",0.68969,{"date":206,"score":133,"percentile":207},"2025-11-29",0.68957,{"date":209,"score":133,"percentile":143},"2025-11-30",{"date":211,"score":133,"percentile":212},"2025-12-01",0.69102,{"date":214,"score":133,"percentile":215},"2025-12-02",0.6911,{"date":217,"score":133,"percentile":218},"2025-12-03",0.69107,{"date":220,"score":133,"percentile":221},"2025-12-04",0.68948,{"date":223,"score":133,"percentile":156},"2025-12-05",{"date":225,"score":133,"percentile":204},"2025-12-06",{"date":227,"score":133,"percentile":228},"2025-12-07",0.68963,{"date":230,"score":133,"percentile":204},"2025-12-08",{"date":232,"score":133,"percentile":233},"2025-12-09",0.68998,{"date":235,"score":133,"percentile":236},"2025-12-10",0.6904,{"date":238,"score":133,"percentile":239},"2025-12-11",0.69061,{"date":241,"score":133,"percentile":242},"2025-12-12",0.69088,{"date":244,"score":133,"percentile":245},"2025-12-13",0.69089,{"date":247,"score":133,"percentile":248},"2025-12-14",0.69092,{"date":250,"score":133,"percentile":251},"2025-12-15",0.6909,{"date":253,"score":133,"percentile":254},"2025-12-16",0.69098,{"date":256,"score":133,"percentile":215},"2025-12-17",{"date":258,"score":133,"percentile":259},"2025-12-18",0.6914,{"date":261,"score":133,"percentile":262},"2025-12-19",0.69158,{"date":264,"score":133,"percentile":265},"2025-12-20",0.69157,{"date":267,"score":133,"percentile":268},"2025-12-21",0.69141,{"date":270,"score":133,"percentile":271},"2025-12-22",0.69144,{"date":273,"score":133,"percentile":274},"2025-12-23",0.69142,{"date":276,"score":133,"percentile":277},"2025-12-24",0.69148,{"date":279,"score":133,"percentile":280},"2025-12-25",0.69174,{"date":282,"score":133,"percentile":283},"2025-12-26",0.69176,{"date":285,"score":286,"percentile":287},"2025-12-27",0.00513,0.65901,{"date":289,"score":133,"percentile":277},"2025-12-28",{"date":291,"score":133,"percentile":292},"2025-12-29",0.69143,{"date":294,"score":133,"percentile":295},"2025-12-30",0.69156,{"date":297,"score":133,"percentile":298},"2025-12-31",0.69173,{"date":300,"score":133,"percentile":301},"2026-01-01",0.69342,{"date":303,"score":133,"percentile":304},"2026-01-02",0.69334,{"date":306,"score":133,"percentile":307},"2026-01-03",0.69333,{"date":309,"score":133,"percentile":310},"2026-01-04",0.69177,{"date":312,"score":133,"percentile":313},"2026-01-05",0.69163,{"date":315,"score":133,"percentile":280},"2026-01-06",{"date":317,"score":133,"percentile":318},"2026-01-07",0.69188,{"date":320,"score":133,"percentile":321},"2026-01-08",0.69205,{"date":323,"score":133,"percentile":324},"2026-01-09",0.69211,{"date":326,"score":133,"percentile":327},"2026-01-10",0.69212,{"date":329,"score":133,"percentile":330},"2026-01-11",0.69203,{"date":332,"score":133,"percentile":333},"2026-01-12",0.69196,{"date":335,"score":133,"percentile":333},"2026-01-13",{"date":337,"score":133,"percentile":338},"2026-01-14",0.69226,{"date":340,"score":133,"percentile":341},"2026-01-15",0.6923,{"date":343,"score":133,"percentile":344},"2026-01-16",0.69246,{"date":346,"score":133,"percentile":347},"2026-01-17",0.69237,{"date":349,"score":133,"percentile":350},"2026-01-18",0.69223,{"date":352,"score":133,"percentile":353},"2026-01-19",0.69214,{"date":355,"score":133,"percentile":350},"2026-01-20",{"date":357,"score":133,"percentile":358},"2026-01-21",0.69232,{"date":360,"score":133,"percentile":361},"2026-01-22",0.69243,{"date":363,"score":133,"percentile":364},"2026-01-23",0.69272,{"date":366,"score":133,"percentile":367},"2026-01-24",0.6928,{"date":369,"score":133,"percentile":370},"2026-01-25",0.69249,{"date":372,"score":133,"percentile":373},"2026-01-26",0.69245,{"date":375,"score":133,"percentile":370},"2026-01-27",{"date":377,"score":133,"percentile":378},"2026-01-28",0.69259,{"date":380,"score":133,"percentile":381},"2026-01-29",0.69258,{"date":383,"score":133,"percentile":384},"2026-01-30",0.69264,{"date":386,"score":133,"percentile":387},"2026-01-31",0.6927,{"date":389,"score":133,"percentile":390},"2026-02-01",0.69414,[392,402],{"source":50,"cvss_v2_0":393,"cvss_v3_0":9,"cvss_v3_1":398,"cvss_v4_0":9},{"baseScore":394,"baseSeverity":9,"vectorString":395,"impactScore":396,"exploitabilityScore":397},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":48,"baseSeverity":399,"vectorString":51,"impactScore":400,"exploitabilityScore":401},"HIGH",9.8,7.2,{"source":57,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":403,"cvss_v4_0":404},{"baseScore":48,"baseSeverity":9,"vectorString":51,"impactScore":400,"exploitabilityScore":401},{"baseScore":405,"baseSeverity":9,"vectorString":406,"impactScore":9,"exploitabilityScore":9},9.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",[408,423,431,445],{"ecosystem":9,"name":409,"vendor":410,"product":411,"cpe_part":412,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":413},"ubuntu linux","canonical","ubuntu_linux","o",[414,417,419,421],{"version":415,"is_range":44,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":418,"is_range":44,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":420,"is_range":44,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":422,"is_range":44,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.10",{"ecosystem":9,"name":424,"vendor":425,"product":424,"cpe_part":412,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":426},"fedora","fedoraproject",[427,429],{"version":428,"is_range":44,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"30",{"version":430,"is_range":44,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31",{"ecosystem":432,"name":433,"vendor":432,"product":433,"cpe_part":9,"purl_type":434,"purl_namespace":9,"purl_name":433,"source":9,"versions":435},"PyPI","pillow","pypi",[436,442],{"version":437,"is_range":438,"range_type":439,"version_start":9,"version_start_type":9,"version_end":440,"version_end_type":441,"fixed_in":9},"lt4e2def2539ec13e53a82e06c4b3daf00454100c4",true,"ecosystem","4e2def2539ec13e53a82e06c4b3daf00454100c4","excluding",{"version":443,"is_range":438,"range_type":439,"version_start":9,"version_start_type":9,"version_end":444,"version_end_type":441,"fixed_in":9},"lt6_2_2","6.2.2",{"ecosystem":9,"name":433,"vendor":446,"product":433,"cpe_part":447,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":448},"python","a",[449],{"version":450,"is_range":438,"range_type":416,"version_start":9,"version_start_type":9,"version_end":444,"version_end_type":441,"fixed_in":9},"lt6.2.2"]