Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/pillow@7.2.0-1?distro=trixie
purl pkg:deb/debian/pillow@7.2.0-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-8n2b-wvya-53e1 In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer. BIT-pillow-2020-10378
CVE-2020-10378
GHSA-3xv8-3j54-hgrp
PYSEC-2020-77
VCID-and9-6jty-pyeq In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. BIT-pillow-2020-10379
CVE-2020-10379
GHSA-8843-m7mw-mxqm
PYSEC-2020-78
VCID-b5a2-83ej-puaw In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. BIT-pillow-2020-11538
CVE-2020-11538
GHSA-43fq-w8qq-v88h
PYSEC-2020-80
VCID-haum-8zpg-6kgf Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. BIT-pillow-2020-10177
CVE-2020-10177
GHSA-cqhg-xjhh-p8hf
PYSEC-2020-76
VCID-uf5t-asns-tudp In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file. BIT-pillow-2020-10994
CVE-2020-10994
GHSA-vj42-xq3r-hr3r
PYSEC-2020-79

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:46:25.335395+00:00 Debian Importer Fixing VCID-haum-8zpg-6kgf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:33:36.972833+00:00 Debian Importer Fixing VCID-8n2b-wvya-53e1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:48:43.068949+00:00 Debian Importer Fixing VCID-and9-6jty-pyeq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:42:46.769064+00:00 Debian Importer Fixing VCID-b5a2-83ej-puaw https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:42:08.292013+00:00 Debian Importer Fixing VCID-uf5t-asns-tudp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:45:38.925480+00:00 Debian Importer Fixing VCID-haum-8zpg-6kgf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:52:51.015939+00:00 Debian Importer Fixing VCID-8n2b-wvya-53e1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:19:04.483885+00:00 Debian Importer Fixing VCID-and9-6jty-pyeq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:14:45.211409+00:00 Debian Importer Fixing VCID-b5a2-83ej-puaw https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:50:54.226444+00:00 Debian Importer Fixing VCID-uf5t-asns-tudp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:50:01.840371+00:00 Debian Importer Fixing VCID-b5a2-83ej-puaw https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:50:01.800013+00:00 Debian Importer Fixing VCID-uf5t-asns-tudp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:50:01.759035+00:00 Debian Importer Fixing VCID-and9-6jty-pyeq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:50:01.718147+00:00 Debian Importer Fixing VCID-8n2b-wvya-53e1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:50:01.677449+00:00 Debian Importer Fixing VCID-haum-8zpg-6kgf https://security-tracker.debian.org/tracker/data/json 38.1.0