MGASA-2020-0088

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2019-16865 CVE-2019-19911 CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313

Published: 18 Feb 2020, 14:05

Last modified:16 Apr 2026, 04:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

18 Feb 2020, 14:05

Published

Vulnerability first disclosed

16 Apr 2026, 04:26

Last Modified

Vulnerability information updated

Description

Updated python-pillow packages fix security vulnerabilities Updated python-pillow packages fix security vulnerabilities: It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service (CVE-2019-16865, CVE-2019-19911). It was discovered that Pillow incorrectly handled certain TIFF images. An attacker could possibly use this issue to cause a crash (CVE-2020-5310). It was discovered that Pillow incorrectly handled certain SGI images. An attacker could possibly use this issue to execute arbitrary code or cause a crash (CVE-2020-5311). It was discovered that Pillow incorrectly handled certain PCX images. An attacker could possibly use this issue to execute arbitrary code or cause a crash (CVE-2020-5312). It was discovered that Pillow incorrectly handled certain Flip images. An attacker could possibly use this issue to execute arbitrary code or cause a crash (CVE-2020-5313).

Affected Systems

mageia•python-pillow
< 5.4.1-1.1.mga7

MGASA-2020-0088

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)