Search for packages
| purl | pkg:deb/debian/pillow@3.4.2-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-e3gp-zc2b-budg | Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component. |
CVE-2016-9189
GHSA-rwr3-c2q8-gm56 PYSEC-2016-8 |
| VCID-u1en-t8ux-uube | Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component. |
CVE-2016-9190
GHSA-w4vg-rf63-f3j3 PYSEC-2016-9 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T12:35:39.394903+00:00 | Debian Importer | Fixing | VCID-e3gp-zc2b-budg | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T11:20:01.476992+00:00 | Debian Importer | Fixing | VCID-u1en-t8ux-uube | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:37:36.825008+00:00 | Debian Importer | Fixing | VCID-e3gp-zc2b-budg | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T07:42:48.302055+00:00 | Debian Importer | Fixing | VCID-u1en-t8ux-uube | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:50:01.542753+00:00 | Debian Importer | Fixing | VCID-u1en-t8ux-uube | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:50:01.501935+00:00 | Debian Importer | Fixing | VCID-e3gp-zc2b-budg | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |