| purl | pkg:ebuild/dev-python/pillow@9.3.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | | |

| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-19e1-19hk-duet | Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). | BIT-pillow-2022-45198 CVE-2022-45198 GHSA-m2vv-5vj5-2hm7 PYSEC-2022-42979 |
| VCID-1vt7-c6e3-7qc8 | The package pillow from 0 and before 8.3.2 is vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. | BIT-pillow-2021-23437 CVE-2021-23437 GHSA-98vv-pw6r-q6q4 PYSEC-2021-317 SNYK-PYTHON-PILLOW-1319443 |
| VCID-4n96-uzyf-tud6 | Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. | BIT-pillow-2022-45199 CVE-2022-45199 GHSA-q4mp-jvh2-76fj PYSEC-2022-42980 |
| VCID-brp2-dtrf-jyfr | Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. | BIT-pillow-2022-24303 CVE-2022-24303 GHSA-9j59-75qj-795w GMS-2022-348 PYSEC-2022-168 |
| VCID-df4x-jt3h-17hx | path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. | BIT-pillow-2022-22816 CVE-2022-22816 GHSA-xrcv-f9gm-v42c PYSEC-2022-9 |
| VCID-dpc3-td9q-dyee | path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. | BIT-pillow-2022-22815 CVE-2022-22815 GHSA-pw3c-h7wp-cvhx PYSEC-2022-8 |
| VCID-q4bb-qnxe-8bfa | PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. | BIT-pillow-2022-22817 CVE-2022-22817 GHSA-8vj2-vxx3-667w PYSEC-2022-10 |
| VCID-w9uy-fnpm-cbak | Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. | BIT-pillow-2021-34552 CVE-2021-34552 GHSA-7534-mm45-c74v PYSEC-2021-331 |

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:10:06.632391+00:00 | Gentoo Importer | Fixing | VCID-4n96-uzyf-tud6 | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |
| 2026-04-01T13:10:06.621515+00:00 | Gentoo Importer | Fixing | VCID-19e1-19hk-duet | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |
| 2026-04-01T13:10:06.612988+00:00 | Gentoo Importer | Fixing | VCID-brp2-dtrf-jyfr | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |
| 2026-04-01T13:10:06.604653+00:00 | Gentoo Importer | Fixing | VCID-q4bb-qnxe-8bfa | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |
| 2026-04-01T13:10:06.596290+00:00 | Gentoo Importer | Fixing | VCID-df4x-jt3h-17hx | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |
| 2026-04-01T13:10:06.588580+00:00 | Gentoo Importer | Fixing | VCID-dpc3-td9q-dyee | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |
| 2026-04-01T13:10:06.580629+00:00 | Gentoo Importer | Fixing | VCID-w9uy-fnpm-cbak | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |
| 2026-04-01T13:10:06.572764+00:00 | Gentoo Importer | Fixing | VCID-1vt7-c6e3-7qc8 | https://security.gentoo.org/glsa/202211-10 | 38.0.0 |