VulnerableCode Package Details - pkg:apk/alpine/py3-pillow@9.0.0-r0?arch=x86&distroversion=edge&reponame=community

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/py3-pillow@9.0.0-r0?arch=x86&distroversion=edge&reponame=community

purl	pkg:apk/alpine/py3-pillow@9.0.0-r0?arch=x86&distroversion=edge&reponame=community

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-df4x-jt3h-17hx	path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.	BIT-pillow-2022-22816 CVE-2022-22816 GHSA-xrcv-f9gm-v42c PYSEC-2022-9
VCID-dpc3-td9q-dyee	path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.	BIT-pillow-2022-22815 CVE-2022-22815 GHSA-pw3c-h7wp-cvhx PYSEC-2022-8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-03T17:45:29.128200+00:00	Alpine Linux Importer	Fixing	VCID-dpc3-td9q-dyee	https://secdb.alpinelinux.org/edge/community.json	38.1.0
2026-04-01T18:59:44.286880+00:00	Alpine Linux Importer	Fixing	VCID-df4x-jt3h-17hx	https://secdb.alpinelinux.org/edge/community.json	38.0.0