PYSEC-2020-91

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/psd-tools/PYSEC-2020-91.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2020-91

Aliases

Published

2020-03-14T18:15:00Z

Modified

2023-11-01T04:51:24.310283Z

Summary

[none]

Details

An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data.

References

Affected packages

PyPI / psd-tools

Package

Name: psd-tools; View open source insights on deps.dev
Purl: pkg:pypi/psd-tools

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.9.4

Affected versions

0.*

0.1.1

0.1.2

0.1.3

0.1.4

0.2

0.5

0.6

0.7

0.7.1

0.8

0.8.1

0.8.2

0.8.3

0.8.4

0.9

0.9.1

0.10

1.*

1.0

1.1

1.2

1.3

1.4

1.8.8

1.8.9

1.8.10

1.8.11

1.8.12

1.8.13

1.8.14

1.8.15

1.8.16

1.8.17

1.8.18

1.8.19

1.8.20

1.8.21

1.8.22

1.8.23

1.8.24

1.8.25

1.8.26

1.8.27

1.8.28

1.8.29

1.8.30

1.8.31

1.8.32

1.8.33

1.8.34

1.8.35

1.8.36

1.8.37

1.8.38

1.9.0

1.9.1

1.9.2

1.9.3

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/psd-tools/PYSEC-2020-91.yaml"