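In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur while decoding a PCX file, because state->shuffle can be instructed to read beyond state->buffer. Versions from 7.1.0 onward are outside the affected range. The two signatures below (one function-level, for ImagingPcxDecode, and one line-level) both target src/libImaging/PcxDecode.c.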
[ { "signature_type": "Function", "deprecated": false, "source": "https://github.com/python-pillow/pillow/commit/6a83e4324738bb0452fbe8074a995b1c73f08de7", "signature_version": "v1", "target": { "function": "ImagingPcxDecode", "file": "src/libImaging/PcxDecode.c" }, "digest": { "function_hash": "237027674255937501286717290487134717202", "length": 1418.0 }, "id": "CVE-2020-10378-78acc16d" }, { "signature_type": "Line", "deprecated": false, "source": "https://github.com/python-pillow/pillow/commit/6a83e4324738bb0452fbe8074a995b1c73f08de7", "signature_version": "v1", "target": { "file": "src/libImaging/PcxDecode.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "25901954450279011341742658171344170564", "4064274618583996555694994057645488849", "28176007691574792831032194145824532472", "217779631413749524162890180010505715716", "100250632816792623213214653223208827946", "24042758865160182801373950721837609446", "216173328986995126865716644862015367760" ] }, "id": "CVE-2020-10378-ee72a343" } ]