In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
{ "cpes": [ "cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*" ], "severity": "Medium" }