VulnerableCode Package Details - pkg:pypi/pillow@1.1.7

Search for packages

Package details: pkg:pypi/pillow@1.1.7

Essentials
History (2)

purl	pkg:pypi/pillow@1.1.7
Tags	Ghost

Next non-vulnerable version	10.3.0
Latest non-vulnerable version	10.3.0
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-qs47-4gpq-aaas Aliases: BIT-2021-34552 BIT-pillow-2021-34552 CVE-2021-34552 GHSA-7534-mm45-c74v PYSEC-2021-331	Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.	8.3.0 Affected by 14 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-09-17T22:27:04.646766+00:00	GitLab Importer	Affected by	VCID-qs47-4gpq-aaas	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2021-34552.yml	34.0.1
2024-01-03T17:52:58.842395+00:00	GitLab Importer	Affected by	VCID-qs47-4gpq-aaas	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2021-34552.yml	34.0.0rc1