Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pillow vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-16865
An issue exists in Pillow prior to 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
Python Pillow
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5.5
CVSSv3
CVE-2016-3076
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 up to and including 3.1.1 allows remote malicious users to cause a denial of service (memory corruption) via a crafted Jpeg2000 file.
Python Pillow 2.9.0
Python Pillow 2.5.1
Python Pillow 2.5.2
Python Pillow 3.0.0
Python Pillow 2.5.3
Python Pillow 2.6.2
Python Pillow 2.6.0
Python Pillow 2.5.0
Python Pillow 2.7.0
Python Pillow 3.1.0
Python Pillow 2.6.1
Python Pillow 2.8.2
Python Pillow 2.8.1
Python Pillow 2.8.0
2 Github repositories
6.5
CVSSv3
CVE-2016-2533
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow prior to 3.1.1 and Python Imaging Library (PIL) 1.1.7 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted PhotoCD file.
Python Imaging Project Python Imaging
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
6.5
CVSSv3
CVE-2016-0740
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow prior to 3.1.1 allows remote malicious users to overwrite memory via a crafted TIFF file.
Python Pillow
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2016-0775
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow prior to 3.1.1 allows remote malicious users to cause a denial of service (crash) via a crafted FLI file.
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
9.8
CVSSv3
CVE-2016-4009
Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow prior to 3.1.1 allows remote malicious users to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow.
Python Pillow
NA
CVE-2014-3598
The Jpeg2KImagePlugin plugin in Pillow prior to 2.5.3 allows remote malicious users to cause a denial of service via a crafted image.
Opensuse Opensuse 13.2
Python Pillow
NA
CVE-2014-9601
Pillow prior to 2.7.0 allows remote malicious users to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
Python Pillow
Oracle Solaris 11.2
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
NA
CVE-2014-3589
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow prior to 2.3.2 and 2.5.x prior to 2.5.2 allows remote malicious users to cause a denial of service via a crafted block size.
Python Pillow 2.5.2
Python Pillow 2.5.1
Python Pillow
Python Pillow 2.3.0
Debian Python-imaging -
Python Pillow 2.5.0
Opensuse Opensuse 13.2
NA
CVE-2014-3007
Python Image Library (PIL) 1.1.7 and previous versions and Pillow 2.3 might allow remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.
Python Pillow 2.3.0
Pythonware Python Imaging Library
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »