Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/dev-python/pillow@3.4.2
Typeebuild
Namespacedev-python
Namepillow
Version3.4.2
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version8.1.0
Latest_non_vulnerable_version10.3.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1uv3-mjkz-rkcr
vulnerability_id VCID-1uv3-mjkz-rkcr
summary Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2533.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2533.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2533
reference_id
reference_type
scores
0
value 0.02207
scoring_system epss
scoring_elements 0.84755
published_at 2026-06-04T12:55:00Z
1
value 0.02207
scoring_system epss
scoring_elements 0.84777
published_at 2026-06-07T12:55:00Z
2
value 0.02207
scoring_system epss
scoring_elements 0.84782
published_at 2026-06-06T12:55:00Z
3
value 0.02207
scoring_system epss
scoring_elements 0.84778
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2533
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0740
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0775
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2533
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-3c5c-7235-994j
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3c5c-7235-994j
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-19.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-19.yaml
8
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
9
reference_url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
10
reference_url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst?plain=1#L53
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst?plain=1#L53
11
reference_url https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9
reference_id
reference_type
scores
url https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9
12
reference_url https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b
13
reference_url https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b
14
reference_url https://github.com/python-pillow/Pillow/pull/1706
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/pull/1706
15
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
16
reference_url http://www.debian.org/security/2016/dsa-3499
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3499
17
reference_url http://www.openwall.com/lists/oss-security/2016/02/02/5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/02/5
18
reference_url http://www.openwall.com/lists/oss-security/2016/02/22/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/22/2
19
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1304504
reference_id 1304504
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1304504
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2533
reference_id CVE-2016-2533
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2533
22
reference_url http://www.cvedetails.com/cve/CVE-2016-2533/
reference_id CVE-2016-2533
reference_type
scores
url http://www.cvedetails.com/cve/CVE-2016-2533/
23
reference_url https://usn.ubuntu.com/3080-1/
reference_id USN-3080-1
reference_type
scores
url https://usn.ubuntu.com/3080-1/
24
reference_url https://usn.ubuntu.com/3090-1/
reference_id USN-3090-1
reference_type
scores
url https://usn.ubuntu.com/3090-1/
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2016-2533, GHSA-3c5c-7235-994j, PYSEC-2016-19
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1uv3-mjkz-rkcr
1
url VCID-6qkd-kgxx-dyeq
vulnerability_id VCID-6qkd-kgxx-dyeq
summary Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.
references
0
reference_url http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9189.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9189.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9189
reference_id
reference_type
scores
0
value 0.00358
scoring_system epss
scoring_elements 0.58296
published_at 2026-06-04T12:55:00Z
1
value 0.00358
scoring_system epss
scoring_elements 0.58352
published_at 2026-06-06T12:55:00Z
2
value 0.00358
scoring_system epss
scoring_elements 0.58343
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9189
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-rwr3-c2q8-gm56
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rwr3-c2q8-gm56
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-8.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-8.yaml
8
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
9
reference_url https://github.com/python-pillow/Pillow/issues/2105
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/issues/2105
10
reference_url https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f
11
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
12
reference_url http://www.debian.org/security/2016/dsa-3710
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3710
13
reference_url http://www.securityfocus.com/bid/94234
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94234
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1382000
reference_id 1382000
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1382000
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9189
reference_id CVE-2016-9189
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9189
16
reference_url https://usn.ubuntu.com/3229-1/
reference_id USN-3229-1
reference_type
scores
url https://usn.ubuntu.com/3229-1/
17
reference_url https://usn.ubuntu.com/3230-1/
reference_id USN-3230-1
reference_type
scores
url https://usn.ubuntu.com/3230-1/
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2016-9189, GHSA-rwr3-c2q8-gm56, PYSEC-2016-8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qkd-kgxx-dyeq
2
url VCID-8gxw-hqk5-2uak
vulnerability_id VCID-8gxw-hqk5-2uak
summary Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4009.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4009.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4009
reference_id
reference_type
scores
0
value 0.05263
scoring_system epss
scoring_elements 0.90173
published_at 2026-06-07T12:55:00Z
1
value 0.05263
scoring_system epss
scoring_elements 0.90174
published_at 2026-06-06T12:55:00Z
2
value 0.05263
scoring_system epss
scoring_elements 0.90175
published_at 2026-06-05T12:55:00Z
3
value 0.05263
scoring_system epss
scoring_elements 0.90159
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4009
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4009
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4009
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-hvr8-466p-75rh
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hvr8-466p-75rh
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-7.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-7.yaml
6
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
7
reference_url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
8
reference_url https://github.com/python-pillow/Pillow/commit/4e0d9b0b9740d258ade40cce248c93777362ac1e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/commit/4e0d9b0b9740d258ade40cce248c93777362ac1e
9
reference_url https://github.com/python-pillow/Pillow/pull/1714
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/pull/1714
10
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
11
reference_url http://www.securityfocus.com/bid/86064
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/86064
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1327134
reference_id 1327134
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1327134
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4009
reference_id CVE-2016-4009
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4009
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2016-4009, GHSA-hvr8-466p-75rh, PYSEC-2016-7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gxw-hqk5-2uak
3
url VCID-hy5d-twhs-e7a3
vulnerability_id VCID-hy5d-twhs-e7a3
summary Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0740.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0740.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0740
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.34769
published_at 2026-06-05T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3475
published_at 2026-06-07T12:55:00Z
2
value 0.00146
scoring_system epss
scoring_elements 0.34786
published_at 2026-06-06T12:55:00Z
3
value 0.00146
scoring_system epss
scoring_elements 0.34672
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0740
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0775
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2533
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-hggx-3h72-49ww
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hggx-3h72-49ww
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-5.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-5.yaml
8
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
9
reference_url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
10
reference_url https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e
11
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
12
reference_url http://www.debian.org/security/2016/dsa-3499
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3499
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1298874
reference_id 1298874
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1298874
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813905
reference_id 813905
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813905
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0740
reference_id CVE-2016-0740
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0740
16
reference_url https://usn.ubuntu.com/3090-1/
reference_id USN-3090-1
reference_type
scores
url https://usn.ubuntu.com/3090-1/
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2016-0740, GHSA-hggx-3h72-49ww, PYSEC-2016-5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hy5d-twhs-e7a3
4
url VCID-px2q-ph74-1ue6
vulnerability_id VCID-px2q-ph74-1ue6
summary Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component.
references
0
reference_url http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9190.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9190.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9190
reference_id
reference_type
scores
0
value 0.00566
scoring_system epss
scoring_elements 0.68859
published_at 2026-06-05T12:55:00Z
1
value 0.00566
scoring_system epss
scoring_elements 0.6886
published_at 2026-06-07T12:55:00Z
2
value 0.00566
scoring_system epss
scoring_elements 0.68867
published_at 2026-06-06T12:55:00Z
3
value 0.00566
scoring_system epss
scoring_elements 0.6882
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9190
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-w4vg-rf63-f3j3
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-w4vg-rf63-f3j3
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-9.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-9.yaml
8
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
9
reference_url https://github.com/python-pillow/Pillow/issues/2105
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/issues/2105
10
reference_url https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
11
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
12
reference_url http://www.debian.org/security/2016/dsa-3710
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3710
13
reference_url http://www.securityfocus.com/bid/94234
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94234
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1382006
reference_id 1382006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1382006
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9190
reference_id CVE-2016-9190
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9190
16
reference_url https://usn.ubuntu.com/3229-1/
reference_id USN-3229-1
reference_type
scores
url https://usn.ubuntu.com/3229-1/
17
reference_url https://usn.ubuntu.com/3230-1/
reference_id USN-3230-1
reference_type
scores
url https://usn.ubuntu.com/3230-1/
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2016-9190, GHSA-w4vg-rf63-f3j3, PYSEC-2016-9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-px2q-ph74-1ue6
5
url VCID-q11v-xn32-auch
vulnerability_id VCID-q11v-xn32-auch
summary Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0775.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0775
reference_id
reference_type
scores
0
value 0.01069
scoring_system epss
scoring_elements 0.78095
published_at 2026-06-05T12:55:00Z
1
value 0.01069
scoring_system epss
scoring_elements 0.78093
published_at 2026-06-07T12:55:00Z
2
value 0.01069
scoring_system epss
scoring_elements 0.78102
published_at 2026-06-06T12:55:00Z
3
value 0.01069
scoring_system epss
scoring_elements 0.78068
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0775
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0740
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0775
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2533
5
reference_url https://github.com/advisories/GHSA-8xjv-v9xq-m5h9
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8xjv-v9xq-m5h9
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-6.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2016-6.yaml
7
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
8
reference_url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst
9
reference_url https://github.com/python-pillow/Pillow/commit/893a40850c2d5da41537958e40569c029a6e127b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/commit/893a40850c2d5da41537958e40569c029a6e127b
10
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
11
reference_url http://www.debian.org/security/2016/dsa-3499
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3499
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1301621
reference_id 1301621
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1301621
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813909
reference_id 813909
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813909
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0775
reference_id CVE-2016-0775
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0775
15
reference_url https://usn.ubuntu.com/3080-1/
reference_id USN-3080-1
reference_type
scores
url https://usn.ubuntu.com/3080-1/
16
reference_url https://usn.ubuntu.com/3090-1/
reference_id USN-3090-1
reference_type
scores
url https://usn.ubuntu.com/3090-1/
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2016-0775, GHSA-8xjv-v9xq-m5h9, PYSEC-2016-6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q11v-xn32-auch
6
url VCID-wz8g-dfys-mqaw
vulnerability_id VCID-wz8g-dfys-mqaw
summary The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1932.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1932.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-1932
reference_id
reference_type
scores
0
value 0.00098
scoring_system epss
scoring_elements 0.2702
published_at 2026-06-05T12:55:00Z
1
value 0.00098
scoring_system epss
scoring_elements 0.26917
published_at 2026-06-04T12:55:00Z
2
value 0.00098
scoring_system epss
scoring_elements 0.27012
published_at 2026-06-06T12:55:00Z
3
value 0.00098
scoring_system epss
scoring_elements 0.26974
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-1932
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2014-22.yaml
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2014-22.yaml
6
reference_url https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
7
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-1932
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-1932
9
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
10
reference_url https://web.archive.org/web/20170103151725/http://www.securityfocus.com/bid/65511
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170103151725/http://www.securityfocus.com/bid/65511
11
reference_url http://www.openwall.com/lists/oss-security/2014/02/11/1
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/11/1
12
reference_url http://www.securityfocus.com/bid/65511
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/65511
13
reference_url http://www.ubuntu.com/usn/USN-2168-1
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2168-1
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1063658
reference_id 1063658
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1063658
15
reference_url https://github.com/advisories/GHSA-x895-2wrm-hvp7
reference_id GHSA-x895-2wrm-hvp7
reference_type
scores
url https://github.com/advisories/GHSA-x895-2wrm-hvp7
16
reference_url https://usn.ubuntu.com/2168-1/
reference_id USN-2168-1
reference_type
scores
url https://usn.ubuntu.com/2168-1/
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2014-1932, GHSA-x895-2wrm-hvp7, PYSEC-2014-22
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wz8g-dfys-mqaw
7
url VCID-xfzk-j8w9-9kh8
vulnerability_id VCID-xfzk-j8w9-9kh8
summary The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1933.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1933.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-1933
reference_id
reference_type
scores
0
value 0.00111
scoring_system epss
scoring_elements 0.29077
published_at 2026-06-07T12:55:00Z
1
value 0.00111
scoring_system epss
scoring_elements 0.29074
published_at 2026-06-04T12:55:00Z
2
value 0.00111
scoring_system epss
scoring_elements 0.29145
published_at 2026-06-05T12:55:00Z
3
value 0.00111
scoring_system epss
scoring_elements 0.29112
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-1933
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933
4
reference_url https://github.com/advisories/GHSA-r854-96gq-rfg3
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r854-96gq-rfg3
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2014-23.yaml
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2014-23.yaml
6
reference_url https://github.com/python-imaging/Pillow
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-imaging/Pillow
7
reference_url https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
8
reference_url https://security.gentoo.org/glsa/201612-52
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-52
9
reference_url http://www.openwall.com/lists/oss-security/2014/02/10/15
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/10/15
10
reference_url http://www.openwall.com/lists/oss-security/2014/02/11/1
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/11/1
11
reference_url http://www.securityfocus.com/bid/65513
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/65513
12
reference_url http://www.ubuntu.com/usn/USN-2168-1
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2168-1
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1063660
reference_id 1063660
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1063660
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-1933
reference_id CVE-2014-1933
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-1933
15
reference_url https://usn.ubuntu.com/2168-1/
reference_id USN-2168-1
reference_type
scores
url https://usn.ubuntu.com/2168-1/
fixed_packages
0
url pkg:ebuild/dev-python/pillow@3.4.2
purl pkg:ebuild/dev-python/pillow@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2
aliases CVE-2014-1933, GHSA-r854-96gq-rfg3, PYSEC-2014-23
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfzk-j8w9-9kh8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pillow@3.4.2