Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python pillow vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2020-5313
libImaging/FliDecode.c in Pillow prior to 6.2.2 has an FLI buffer overflow.
Python Pillow
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Canonical Ubuntu Linux 16.04
2 Github repositories
6.5
CVSSv3
CVE-2022-22815
path_getbbox in path.c in Pillow prior to 9.0.0 improperly initializes ImagePath.Path.
Python Pillow
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2022-22816
path_getbbox in path.c in Pillow prior to 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
Python Pillow
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2021-25292
An issue exists in Pillow prior to 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.
Python Pillow
6.5
CVSSv3
CVE-2016-2533
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow prior to 3.1.1 and Python Imaging Library (PIL) 1.1.7 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted PhotoCD file.
Python Imaging Project Python Imaging
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
6.5
CVSSv3
CVE-2016-0740
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow prior to 3.1.1 allows remote malicious users to overwrite memory via a crafted TIFF file.
Python Pillow
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2016-0775
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow prior to 3.1.1 allows remote malicious users to cause a denial of service (crash) via a crafted FLI file.
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
5.5
CVSSv3
CVE-2021-28678
An issue exists in Pillow prior to 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.
Python Pillow
Fedoraproject Fedora 33
5.5
CVSSv3
CVE-2021-28675
An issue exists in Pillow prior to 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.
Python Pillow
Fedoraproject Fedora 33
5.5
CVSSv3
CVE-2020-10378
In libImaging/PcxDecode.c in Pillow prior to 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
Python Pillow
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »