CVE-2020-10571

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-10571

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10571.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-10571

Aliases

Published

2020-03-14T18:15:11.453Z

Modified

2025-11-14T10:07:05.943976Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data.

References

Affected packages

Git / github.com/psd-tools/psd-tools

Affected ranges

Type: GIT
Repo: https://github.com/psd-tools/psd-tools
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

fd51f8b4a52bc9c1c06d1035dfdf2cd920e87074

Affected versions

0.*

0.1

0.1.1

0.1.2

0.1.3

0.1.4

0.10

0.2

0.5

0.6

0.7

0.7.1

0.8

0.8.1

0.8.2

0.8.3

0.8.4

0.9

0.9.1

1.*

1.0

1.1

1.2

1.3

1.4

1.8.10

1.8.11

1.8.12

1.8.14

1.8.17

1.8.21

1.8.25

1.8.26

1.8.8

1.8.9

v.*

v.1.9.0

v1.*

v1.8.26

v1.8.27

v1.8.28

v1.8.29

v1.8.30

v1.8.31

v1.8.32

v1.8.33

v1.8.34

v1.8.35

v1.8.36

v1.8.37.post1

v1.8.37.post2

v1.8.37.post3

v1.8.38

v1.9.1

v1.9.2

v1.9.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10571.json"