Low Severity

Security Bulletin: WML CE: Pillow before 7.1.0 has multiple out-of-bounds reads

Share this post:

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. PyTorch and TensorFlow use Pillow.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Watson Machine Learning Community Edition 1.6.2
IBM Watson Machine Learning Community Edition 1.7.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6250527

More stories

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – Java SE (CVE-2020-14781)

Jun 15, 2021 8:01 pm EDT | Low Severity

IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-14781) ...read more


Security Bulletin: IBM MQ Appliance affected by an OpenSSL vulnerability (CVE-2020-1968)

Jun 15, 2021 8:00 pm EDT | Low Severity

IBM MQ Appliance has resolved and OpenSSL vulnerability. ...read more


Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – Java SE (CVE-2020-2773)

Jun 15, 2021 8:00 pm EDT | Low Severity

IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE. ...read more