VulnerableCode Package Details - pkg:ebuild/dev-python/pillow@8.1.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:ebuild/dev-python/pillow@8.1.0

Essentials
History (3)

purl	pkg:ebuild/dev-python/pillow@8.1.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-6gyu-fzpg-c3bn	In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.	BIT-pillow-2020-35654 CVE-2020-35654 GHSA-vqcj-wrf2-7v73 PYSEC-2021-70
VCID-7bjx-gkf7-cke9	In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.	BIT-pillow-2020-35655 CVE-2020-35655 GHSA-hf64-x4gq-p99h PYSEC-2021-71
VCID-x15z-dejc-9ba6	In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.	BIT-pillow-2020-35653 CVE-2020-35653 GHSA-f5g8-5qq7-938w PYSEC-2021-69

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:10:05.914199+00:00	Gentoo Importer	Fixing	VCID-7bjx-gkf7-cke9	https://security.gentoo.org/glsa/202101-08	38.0.0
2026-04-01T13:10:05.905744+00:00	Gentoo Importer	Fixing	VCID-6gyu-fzpg-c3bn	https://security.gentoo.org/glsa/202101-08	38.0.0
2026-04-01T13:10:05.896951+00:00	Gentoo Importer	Fixing	VCID-x15z-dejc-9ba6	https://security.gentoo.org/glsa/202101-08	38.0.0