VulnerableCode Package Details - pkg:alpm/archlinux/python-pillow@8.3.1-1

Search for packages

Package details: pkg:alpm/archlinux/python-pillow@8.3.1-1

Essentials
History (3)

purl	pkg:alpm/archlinux/python-pillow@8.3.1-1

Next non-vulnerable version	8.3.2-1
Latest non-vulnerable version	8.3.2-1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-bnjc-ytj1-aaaq Aliases: BIT-2021-23437 BIT-pillow-2021-23437 CVE-2021-23437 GHSA-98vv-pw6r-q6q4 PYSEC-2021-317 SNYK-PYTHON-PILLOW-1319443	The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.	8.3.2-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:47:03.257203+00:00	Arch Linux Importer	Affected by	VCID-bnjc-ytj1-aaaq	https://security.archlinux.org/AVG-2366	36.0.0
2024-09-18T02:02:26.121040+00:00	Arch Linux Importer	Affected by	VCID-bnjc-ytj1-aaaq	https://security.archlinux.org/AVG-2366	34.0.1
2024-01-03T22:28:27.300299+00:00	Arch Linux Importer	Affected by	VCID-bnjc-ytj1-aaaq	https://security.archlinux.org/AVG-2366	34.0.0rc1