Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python pillow vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-2533
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow prior to 3.1.1 and Python Imaging Library (PIL) 1.1.7 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted PhotoCD file.
Python Imaging Project Python Imaging
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
10
CVSSv2
CVE-2016-4009
Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow prior to 3.1.1 allows remote malicious users to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow.
Python Pillow
4.3
CVSSv2
CVE-2016-0740
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow prior to 3.1.1 allows remote malicious users to overwrite memory via a crafted TIFF file.
Python Pillow
Debian Debian Linux 7.0
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2016-0775
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow prior to 3.1.1 allows remote malicious users to cause a denial of service (crash) via a crafted FLI file.
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
5
CVSSv2
CVE-2014-3598
The Jpeg2KImagePlugin plugin in Pillow prior to 2.5.3 allows remote malicious users to cause a denial of service via a crafted image.
Opensuse Opensuse 13.2
Python Pillow
5
CVSSv2
CVE-2014-9601
Pillow prior to 2.7.0 allows remote malicious users to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
Python Pillow
Oracle Solaris 11.2
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
5
CVSSv2
CVE-2014-3589
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow prior to 2.3.2 and 2.5.x prior to 2.5.2 allows remote malicious users to cause a denial of service via a crafted block size.
Python Pillow 2.5.2
Python Pillow 2.5.1
Python Pillow
Python Pillow 2.3.0
Debian Python-imaging -
Python Pillow 2.5.0
Opensuse Opensuse 13.2
10
CVSSv2
CVE-2014-3007
Python Image Library (PIL) 1.1.7 and previous versions and Pillow 2.3 might allow remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.
Python Pillow 2.3.0
Pythonware Python Imaging Library
4.4
CVSSv2
CVE-2014-1932
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and previous versions and Pillow prior to 2.3.1 do not properly create...
Python Pillow
Pythonware Python Imaging Library
2.1
CVSSv2
CVE-2014-1933
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and previous versions and Pillow prior to 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the ...
Python Pillow
Pythonware Python Imaging Library
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5