CVE-2019-19911

HIGH

Python Pillow < 6.2.2 - Integer Overflow

Title source: rule

Description

There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer.

References (4)

[Release Notes, Third Party Advisory] https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html

[Third Party Advisory] https://usn.ubuntu.com/4272-1/

[Third Party Advisory] https://www.debian.org/security/2020/dsa-4631

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/

Scores

CVSS v3 7.5

EPSS 0.0097

EPSS Percentile 76.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-190

Status published

Affected Products (9)

python/pillow < 6.2.2

debian/debian_linux

debian/debian_linux

fedoraproject/fedora

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

pypi/pillow < 6.2.2PyPI

Timeline

Published Jan 05, 2020

Tracked Since Feb 18, 2026