VulnerableCode Package Details - pkg:apk/alpine/py3-pillow@8.4.0-r3?arch=armv7&distroversion=v3.15&reponame=main

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/py3-pillow@8.4.0-r3?arch=armv7&distroversion=v3.15&reponame=main

purl	pkg:apk/alpine/py3-pillow@8.4.0-r3?arch=armv7&distroversion=v3.15&reponame=main

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-brp2-dtrf-jyfr	Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.	BIT-pillow-2022-24303 CVE-2022-24303 GHSA-9j59-75qj-795w GMS-2022-348 PYSEC-2022-168
VCID-q4bb-qnxe-8bfa	PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method.	BIT-pillow-2022-22817 CVE-2022-22817 GHSA-8vj2-vxx3-667w PYSEC-2022-10

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T19:26:09.480119+00:00	Alpine Linux Importer	Fixing	VCID-q4bb-qnxe-8bfa	https://secdb.alpinelinux.org/v3.15/main.json	38.0.0
2026-04-01T19:12:23.254094+00:00	Alpine Linux Importer	Fixing	VCID-brp2-dtrf-jyfr	https://secdb.alpinelinux.org/v3.15/main.json	38.0.0