Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/python-pillow@2.0.0-20.gitd1c6db8?arch=el7_7
Typerpm
Namespaceredhat
Namepython-pillow
Version2.0.0-20.gitd1c6db8
Qualifiers
arch el7_7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-cas2-jb3y-vyhz
vulnerability_id VCID-cas2-jb3y-vyhz
summary An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
references
0
reference_url https://access.redhat.com/errata/RHSA-2020:0566
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0566
1
reference_url https://access.redhat.com/errata/RHSA-2020:0578
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0578
2
reference_url https://access.redhat.com/errata/RHSA-2020:0580
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0580
3
reference_url https://access.redhat.com/errata/RHSA-2020:0681
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0681
4
reference_url https://access.redhat.com/errata/RHSA-2020:0683
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0683
5
reference_url https://access.redhat.com/errata/RHSA-2020:0694
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0694
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16865.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16865.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16865
reference_id
reference_type
scores
0
value 0.03942
scoring_system epss
scoring_elements 0.88387
published_at 2026-05-05T12:55:00Z
1
value 0.03942
scoring_system epss
scoring_elements 0.8829
published_at 2026-04-01T12:55:00Z
2
value 0.03942
scoring_system epss
scoring_elements 0.88298
published_at 2026-04-02T12:55:00Z
3
value 0.03942
scoring_system epss
scoring_elements 0.88313
published_at 2026-04-04T12:55:00Z
4
value 0.03942
scoring_system epss
scoring_elements 0.88317
published_at 2026-04-07T12:55:00Z
5
value 0.03942
scoring_system epss
scoring_elements 0.88336
published_at 2026-04-08T12:55:00Z
6
value 0.03942
scoring_system epss
scoring_elements 0.88343
published_at 2026-04-09T12:55:00Z
7
value 0.03942
scoring_system epss
scoring_elements 0.88353
published_at 2026-04-11T12:55:00Z
8
value 0.03942
scoring_system epss
scoring_elements 0.88345
published_at 2026-04-13T12:55:00Z
9
value 0.03942
scoring_system epss
scoring_elements 0.88358
published_at 2026-04-16T12:55:00Z
10
value 0.03942
scoring_system epss
scoring_elements 0.88355
published_at 2026-04-18T12:55:00Z
11
value 0.03942
scoring_system epss
scoring_elements 0.88354
published_at 2026-04-21T12:55:00Z
12
value 0.03942
scoring_system epss
scoring_elements 0.88371
published_at 2026-04-24T12:55:00Z
13
value 0.03942
scoring_system epss
scoring_elements 0.88375
published_at 2026-04-26T12:55:00Z
14
value 0.03942
scoring_system epss
scoring_elements 0.88376
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16865
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16865
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/advisories/GHSA-j7mj-748x-7p78
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-j7mj-748x-7p78
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2019-110.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2019-110.yaml
12
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
13
reference_url https://github.com/python-pillow/Pillow/commit/ab52630d0644e42a75eb88b78b9a9d7438a6fbeb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/commit/ab52630d0644e42a75eb88b78b9a9d7438a6fbeb
14
reference_url https://github.com/python-pillow/Pillow/issues/4123
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/issues/4123
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EMJBUZQGQ2Q7HXYCQVRLU7OXNC7CAWWU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EMJBUZQGQ2Q7HXYCQVRLU7OXNC7CAWWU/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYDXD7EE4YAEVSTNIFZKNVPRVJX5ZOG3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYDXD7EE4YAEVSTNIFZKNVPRVJX5ZOG3/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EMJBUZQGQ2Q7HXYCQVRLU7OXNC7CAWWU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EMJBUZQGQ2Q7HXYCQVRLU7OXNC7CAWWU
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EMJBUZQGQ2Q7HXYCQVRLU7OXNC7CAWWU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EMJBUZQGQ2Q7HXYCQVRLU7OXNC7CAWWU/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYDXD7EE4YAEVSTNIFZKNVPRVJX5ZOG3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYDXD7EE4YAEVSTNIFZKNVPRVJX5ZOG3
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYDXD7EE4YAEVSTNIFZKNVPRVJX5ZOG3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYDXD7EE4YAEVSTNIFZKNVPRVJX5ZOG3/
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-16865
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-16865
22
reference_url https://pillow.readthedocs.io/en/latest/releasenotes/6.2.0.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pillow.readthedocs.io/en/latest/releasenotes/6.2.0.html
23
reference_url https://ubuntu.com/security/notices/USN-4272-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://ubuntu.com/security/notices/USN-4272-1
24
reference_url https://usn.ubuntu.com/4272-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4272-1
25
reference_url https://usn.ubuntu.com/4272-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4272-1/
26
reference_url https://www.debian.org/security/2020/dsa-4631
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4631
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1774066
reference_id 1774066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1774066
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
fixed_packages
aliases CVE-2019-16865, GHSA-j7mj-748x-7p78, PYSEC-2019-110
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cas2-jb3y-vyhz
1
url VCID-sns1-ksqr-vbhr
vulnerability_id VCID-sns1-ksqr-vbhr
summary libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
references
0
reference_url https://access.redhat.com/errata/RHSA-2020:0566
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0566
1
reference_url https://access.redhat.com/errata/RHSA-2020:0578
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0578
2
reference_url https://access.redhat.com/errata/RHSA-2020:0580
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0580
3
reference_url https://access.redhat.com/errata/RHSA-2020:0681
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0681
4
reference_url https://access.redhat.com/errata/RHSA-2020:0683
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0683
5
reference_url https://access.redhat.com/errata/RHSA-2020:0694
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0694
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5312.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5312.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5312
reference_id
reference_type
scores
0
value 0.0173
scoring_system epss
scoring_elements 0.82551
published_at 2026-05-05T12:55:00Z
1
value 0.0173
scoring_system epss
scoring_elements 0.8238
published_at 2026-04-01T12:55:00Z
2
value 0.0173
scoring_system epss
scoring_elements 0.82394
published_at 2026-04-02T12:55:00Z
3
value 0.0173
scoring_system epss
scoring_elements 0.82412
published_at 2026-04-04T12:55:00Z
4
value 0.0173
scoring_system epss
scoring_elements 0.82409
published_at 2026-04-07T12:55:00Z
5
value 0.0173
scoring_system epss
scoring_elements 0.82437
published_at 2026-04-08T12:55:00Z
6
value 0.0173
scoring_system epss
scoring_elements 0.82444
published_at 2026-04-09T12:55:00Z
7
value 0.0173
scoring_system epss
scoring_elements 0.82462
published_at 2026-04-11T12:55:00Z
8
value 0.0173
scoring_system epss
scoring_elements 0.82458
published_at 2026-04-12T12:55:00Z
9
value 0.0173
scoring_system epss
scoring_elements 0.82453
published_at 2026-04-13T12:55:00Z
10
value 0.0173
scoring_system epss
scoring_elements 0.82489
published_at 2026-04-16T12:55:00Z
11
value 0.0173
scoring_system epss
scoring_elements 0.8249
published_at 2026-04-18T12:55:00Z
12
value 0.0173
scoring_system epss
scoring_elements 0.82494
published_at 2026-04-21T12:55:00Z
13
value 0.0173
scoring_system epss
scoring_elements 0.82516
published_at 2026-04-24T12:55:00Z
14
value 0.0173
scoring_system epss
scoring_elements 0.82527
published_at 2026-04-26T12:55:00Z
15
value 0.0173
scoring_system epss
scoring_elements 0.8253
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5312
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19911
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19911
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5312
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5313
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/advisories/GHSA-p49h-hjvm-jg3h
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p49h-hjvm-jg3h
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2020-83.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2020-83.yaml
14
reference_url https://github.com/pypa/advisory-db/blob/7872b0a91b4d980f749e6d75a81f8cc1af32829f/vulns/pillow/PYSEC-2020-83.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-db/blob/7872b0a91b4d980f749e6d75a81f8cc1af32829f/vulns/pillow/PYSEC-2020-83.yaml
15
reference_url https://github.com/python-pillow/Pillow
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow
16
reference_url https://github.com/python-pillow/Pillow/commit/93b22b846e0269ee9594ff71a72bec02d2bea8fd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/python-pillow/Pillow/commit/93b22b846e0269ee9594ff71a72bec02d2bea8fd
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/
21
reference_url https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html
22
reference_url https://usn.ubuntu.com/4272-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4272-1
23
reference_url https://usn.ubuntu.com/4272-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4272-1/
24
reference_url https://www.debian.org/security/2020/dsa-4631
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4631
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1789533
reference_id 1789533
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1789533
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948224
reference_id 948224
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948224
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-5312
reference_id CVE-2020-5312
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-5312
28
reference_url https://access.redhat.com/errata/RHSA-2020:0898
reference_id RHSA-2020:0898
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0898
29
reference_url https://access.redhat.com/errata/RHSA-2021:0420
reference_id RHSA-2021:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0420
fixed_packages
aliases BIT-pillow-2020-5312, CVE-2020-5312, GHSA-p49h-hjvm-jg3h, PYSEC-2020-83
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sns1-ksqr-vbhr
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-pillow@2.0.0-20.gitd1c6db8%3Farch=el7_7