Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python pillow vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2016-3076
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 up to and including 3.1.1 allows remote malicious users to cause a denial of service (memory corruption) via a crafted Jpeg2000 file.
Python Pillow 2.5.1
Python Pillow 3.0.0
Python Pillow 2.8.0
Python Pillow 2.6.1
Python Pillow 2.9.0
Python Pillow 2.8.2
Python Pillow 2.5.2
Python Pillow 2.6.0
Python Pillow 2.7.0
Python Pillow 2.6.2
Python Pillow 2.5.0
Python Pillow 3.1.0
Python Pillow 2.8.1
Python Pillow 2.5.3
2 Github repositories
NA
CVE-2014-3589
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow prior to 2.3.2 and 2.5.x prior to 2.5.2 allows remote malicious users to cause a denial of service via a crafted block size.
Python Pillow 2.5.1
Debian Python-imaging -
Python Pillow 2.5.2
Python Pillow 2.5.0
Python Pillow 2.3.0
Python Pillow
Opensuse Opensuse 13.2
NA
CVE-2014-1932
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and previous versions and Pillow prior to 2.3.1 do not properly create...
Python Pillow
Pythonware Python Imaging Library
NA
CVE-2014-1933
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and previous versions and Pillow prior to 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the ...
Python Pillow
Pythonware Python Imaging Library
7.5
CVSSv3
CVE-2022-45198
Pillow prior to 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
Python Pillow
6.5
CVSSv3
CVE-2021-25292
An issue exists in Pillow prior to 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.
Python Pillow
9.8
CVSSv3
CVE-2016-4009
Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow prior to 3.1.1 allows remote malicious users to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow.
Python Pillow
9.8
CVSSv3
CVE-2021-25289
An issue exists in Pillow prior to 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.
Python Pillow
7.5
CVSSv3
CVE-2021-25291
An issue exists in Pillow prior to 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.
Python Pillow
7.5
CVSSv3
CVE-2021-25293
An issue exists in Pillow prior to 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.
Python Pillow
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »