Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/pillow@8.1.2%2Bdfsg-0.3%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/pillow@8.1.2%2Bdfsg-0.3%2Bdeb11u3?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-19e1-19hk-duet Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). BIT-pillow-2022-45198
CVE-2022-45198
GHSA-m2vv-5vj5-2hm7
PYSEC-2022-42979
VCID-1vt7-c6e3-7qc8 The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. BIT-pillow-2021-23437
CVE-2021-23437
GHSA-98vv-pw6r-q6q4
PYSEC-2021-317
SNYK-PYTHON-PILLOW-1319443
VCID-brp2-dtrf-jyfr Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. BIT-pillow-2022-24303
CVE-2022-24303
GHSA-9j59-75qj-795w
GMS-2022-348
PYSEC-2022-168

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T11:16:38.661724+00:00 Debian Importer Fixing VCID-19e1-19hk-duet https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:08:10.499560+00:00 Debian Importer Fixing VCID-brp2-dtrf-jyfr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:19:50.468628+00:00 Debian Importer Fixing VCID-1vt7-c6e3-7qc8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T07:40:15.617674+00:00 Debian Importer Fixing VCID-19e1-19hk-duet https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:34:01.069557+00:00 Debian Importer Fixing VCID-brp2-dtrf-jyfr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:14:01.574481+00:00 Debian Importer Fixing VCID-1vt7-c6e3-7qc8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:50:03.179959+00:00 Debian Importer Fixing VCID-19e1-19hk-duet https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:50:03.081494+00:00 Debian Importer Fixing VCID-brp2-dtrf-jyfr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:50:02.212994+00:00 Debian Importer Fixing VCID-1vt7-c6e3-7qc8 https://security-tracker.debian.org/tracker/data/json 38.1.0