Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/pillow@9.4.0-1.1%2Bdeb12u1
purl pkg:deb/debian/pillow@9.4.0-1.1%2Bdeb12u1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-19e1-19hk-duet Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). BIT-pillow-2022-45198
CVE-2022-45198
GHSA-m2vv-5vj5-2hm7
PYSEC-2022-42979
VCID-1vt7-c6e3-7qc8 The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. BIT-pillow-2021-23437
CVE-2021-23437
GHSA-98vv-pw6r-q6q4
PYSEC-2021-317
SNYK-PYTHON-PILLOW-1319443
VCID-brp2-dtrf-jyfr Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. BIT-pillow-2022-24303
CVE-2022-24303
GHSA-9j59-75qj-795w
GMS-2022-348
PYSEC-2022-168

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:31:00.118694+00:00 Debian Oval Importer Fixing VCID-brp2-dtrf-jyfr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:51:11.783163+00:00 Debian Oval Importer Fixing VCID-19e1-19hk-duet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:27:25.772100+00:00 Debian Oval Importer Fixing VCID-1vt7-c6e3-7qc8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T23:06:15.446377+00:00 Debian Oval Importer Fixing VCID-brp2-dtrf-jyfr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:31:49.239232+00:00 Debian Oval Importer Fixing VCID-19e1-19hk-duet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:12:27.232734+00:00 Debian Oval Importer Fixing VCID-1vt7-c6e3-7qc8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T22:39:58.252328+00:00 Debian Oval Importer Fixing VCID-brp2-dtrf-jyfr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:12:03.627774+00:00 Debian Oval Importer Fixing VCID-19e1-19hk-duet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:58:46.245743+00:00 Debian Oval Importer Fixing VCID-1vt7-c6e3-7qc8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0