VulnerableCode Package Details - pkg:deb/debian/pillow@8.1.2-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3qb5-8p8w-gkad	Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.	BIT-pillow-2021-27921 CVE-2021-27921 GHSA-f4w8-cv6p-x6r5 PYSEC-2021-40
VCID-53ac-ceq4-qkhf	Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.	BIT-pillow-2021-27922 CVE-2021-27922 GHSA-3wvg-mj6g-m9cv PYSEC-2021-41
VCID-gvjw-funa-sqak	Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.	BIT-pillow-2021-27923 CVE-2021-27923 GHSA-95q3-8gr9-gm8w PYSEC-2021-42

Vulnerability

Summary

Aliases

VCID-3qb5-8p8w-gkad

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.

BIT-pillow-2021-27921
CVE-2021-27921
GHSA-f4w8-cv6p-x6r5
PYSEC-2021-40

VCID-53ac-ceq4-qkhf

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

BIT-pillow-2021-27922
CVE-2021-27922
GHSA-3wvg-mj6g-m9cv
PYSEC-2021-41

VCID-gvjw-funa-sqak

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.

BIT-pillow-2021-27923
CVE-2021-27923
GHSA-95q3-8gr9-gm8w
PYSEC-2021-42

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:20:51.185602+00:00	Debian Importer	Fixing	VCID-53ac-ceq4-qkhf	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:06:38.529510+00:00	Debian Importer	Fixing	VCID-3qb5-8p8w-gkad	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:40:11.869898+00:00	Debian Importer	Fixing	VCID-gvjw-funa-sqak	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:26:52.661979+00:00	Debian Importer	Fixing	VCID-53ac-ceq4-qkhf	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:16:47.143445+00:00	Debian Importer	Fixing	VCID-3qb5-8p8w-gkad	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:26:03.333357+00:00	Debian Importer	Fixing	VCID-gvjw-funa-sqak	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:50:02.638504+00:00	Debian Importer	Fixing	VCID-gvjw-funa-sqak	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:02.597281+00:00	Debian Importer	Fixing	VCID-53ac-ceq4-qkhf	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:02.556044+00:00	Debian Importer	Fixing	VCID-3qb5-8p8w-gkad	https://security-tracker.debian.org/tracker/data/json	38.1.0