Miggo Logo

CVE-2020-10177: Out-of-bounds reads in Pillow

5.5

CVSS Score
3.1

Basic Information

EPSS Score
0.49079%
Published
7/27/2020
Updated
10/9/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
Pillowpip< 7.1.07.1.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the ImagingFliDecode function in FliDecode.c, as shown in the commit diff where bounds checks were added via the ERR_IF_DATA_OOB macro. The original code lacked proper validation of 'data' pointer offsets when processing FLI chunks, leading to OOB reads. Multiple specific cases were patched in this function across different chunk types (BRUN, LC, SS2), all requiring boundary checks. The consistent use of the new macro across these cases confirms the function's central role in the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Pillow ***or* *.*.* **s multipl* out-o*-*oun*s r***s in `li*Im**in*/*li***o**.*`.

Reasoning

T** vuln*r**ility st*ms *rom t** Im**in**li***o** *un*tion in *li***o**.*, *s s*own in t** *ommit *i** w**r* *oun*s ****ks w*r* ***** vi* t** *RR_I*_**T*_OO* m**ro. T** ori*in*l *o** l**k** prop*r v*li**tion o* '**t*' point*r o**s*ts w**n pro**ssin*