Search for packages
Package details: pkg:pypi/pillow@10.0.1
purl pkg:pypi/pillow@10.0.1
Next non-vulnerable version 10.3.0
Latest non-vulnerable version 10.3.0
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-ydt8-c1kr-aaak
Aliases:
CVE-2023-50447
GHSA-3f63-hfp8-52jq
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
10.2.0
Affected by 1 other vulnerability.
VCID-zbbs-5sps-aaas
Aliases:
CVE-2024-28219
GHSA-44wm-f244-xhp3
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
10.3.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-5557-vu7d-aaaa Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) CVE-2023-4863
GHSA-j7hp-h8jx-5ppr
VCID-9rup-wxea-aaab Bundled libwebp in Pillow vulnerable GHSA-56pw-mpj4-fxww
GMS-2023-3137
VCID-j3u2-u8bx-aaam Pillow versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. imagecodecs v10.0.1 upgrades the bundled libwebp binary to v1.3.2. PYSEC-2023-175

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-25T10:30:43.846672+00:00 GithubOSV Importer Fixing VCID-5557-vu7d-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-j7hp-h8jx-5ppr/GHSA-j7hp-h8jx-5ppr.json 36.1.3
2025-06-20T16:56:13.569912+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 36.1.3
2025-06-20T16:51:16.972155+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 36.1.3
2025-06-20T16:44:44.651897+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GHSA-56pw-mpj4-fxww.yml 36.1.3
2025-06-20T16:44:42.988063+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 36.1.3
2025-06-20T16:44:42.580817+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 36.1.3
2025-06-03T23:33:02.758710+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 36.1.0
2025-06-03T23:28:37.378711+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 36.1.0
2025-06-03T23:22:53.330300+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GHSA-56pw-mpj4-fxww.yml 36.1.0
2025-06-03T23:22:51.965356+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 36.1.0
2025-06-03T23:22:51.650282+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 36.1.0
2025-06-02T23:30:56.580521+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 36.1.2
2025-06-02T23:26:16.434647+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 36.1.2
2025-06-02T23:20:15.285210+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GHSA-56pw-mpj4-fxww.yml 36.1.2
2025-06-02T23:20:13.371529+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 36.1.2
2025-06-02T23:20:13.018016+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 36.1.2
2025-06-01T05:13:11.748622+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GHSA-56pw-mpj4-fxww.yml 36.0.0
2025-05-31T05:55:44.269699+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab https://github.com/advisories/GHSA-56pw-mpj4-fxww 36.0.0
2025-05-30T23:20:07.135198+00:00 GithubOSV Importer Fixing VCID-9rup-wxea-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-56pw-mpj4-fxww/GHSA-56pw-mpj4-fxww.json 36.0.0
2025-05-14T17:55:50.180989+00:00 GitLab Importer Fixing VCID-5557-vu7d-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-4863.yml 36.0.0
2025-05-13T22:19:55.899767+00:00 GithubOSV Importer Fixing VCID-5557-vu7d-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-j7hp-h8jx-5ppr/GHSA-j7hp-h8jx-5ppr.json 36.0.0
2025-05-13T22:08:58.725994+00:00 GHSA Importer Fixing VCID-5557-vu7d-aaaa https://github.com/advisories/GHSA-j7hp-h8jx-5ppr 36.0.0
2025-04-03T22:01:40.280617+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 36.0.0
2025-04-03T21:51:53.657321+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 36.0.0
2025-04-03T21:38:34.875230+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 36.0.0
2025-04-03T21:38:33.903031+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 36.0.0
2025-03-28T15:58:36.032324+00:00 Pypa Importer Fixing VCID-j3u2-u8bx-aaam https://github.com/pypa/advisory-database/blob/main/vulns/pillow/PYSEC-2023-175.yaml 36.0.0
2025-02-18T05:03:14.291353+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 35.1.0
2025-02-18T05:03:12.485456+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 35.1.0
2025-02-18T03:52:08.930577+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 35.1.0
2025-02-18T03:42:02.348329+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 35.1.0
2024-11-21T01:41:06.367348+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 35.0.0
2024-11-21T01:05:09.568833+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 35.0.0
2024-11-21T00:59:54.795384+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 35.0.0
2024-11-19T01:31:49.925133+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 34.3.2
2024-11-19T00:54:13.841429+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 34.3.2
2024-11-19T00:48:32.669532+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 34.3.2
2024-10-15T19:17:51.894019+00:00 GithubOSV Importer Fixing VCID-5557-vu7d-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-j7hp-h8jx-5ppr/GHSA-j7hp-h8jx-5ppr.json 34.0.2
2024-10-15T17:58:06.336871+00:00 GithubOSV Importer Fixing VCID-9rup-wxea-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-56pw-mpj4-fxww/GHSA-56pw-mpj4-fxww.json 34.0.2
2024-10-08T02:03:45.680314+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 34.0.2
2024-10-08T01:25:05.668717+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 34.0.2
2024-10-08T01:20:27.385659+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 34.0.2
2024-10-07T22:08:55.141398+00:00 GHSA Importer Affected by VCID-zbbs-5sps-aaas https://github.com/advisories/GHSA-44wm-f244-xhp3 34.0.2
2024-10-07T21:49:12.681365+00:00 GHSA Importer Affected by VCID-ydt8-c1kr-aaak https://github.com/advisories/GHSA-3f63-hfp8-52jq 34.0.2
2024-10-07T16:06:18.402200+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab https://github.com/advisories/GHSA-56pw-mpj4-fxww 34.0.2
2024-09-23T01:29:57.494507+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 34.0.1
2024-09-23T01:25:54.670432+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 34.0.1
2024-09-22T22:36:08.764288+00:00 GHSA Importer Affected by VCID-zbbs-5sps-aaas https://github.com/advisories/GHSA-44wm-f244-xhp3 34.0.1
2024-09-22T22:18:32.289115+00:00 GHSA Importer Affected by VCID-ydt8-c1kr-aaak https://github.com/advisories/GHSA-3f63-hfp8-52jq 34.0.1
2024-09-18T11:59:15.155382+00:00 Pypa Importer Fixing VCID-j3u2-u8bx-aaam https://github.com/pypa/advisory-database/blob/main/vulns/pillow/PYSEC-2023-175.yaml 34.0.1
2024-09-18T09:25:29.287620+00:00 GithubOSV Importer Fixing VCID-5557-vu7d-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-j7hp-h8jx-5ppr/GHSA-j7hp-h8jx-5ppr.json 34.0.1
2024-09-18T09:22:35.144167+00:00 GithubOSV Importer Fixing VCID-9rup-wxea-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-56pw-mpj4-fxww/GHSA-56pw-mpj4-fxww.json 34.0.1
2024-09-17T23:17:31.115927+00:00 PyPI Importer Fixing VCID-j3u2-u8bx-aaam https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T22:27:04.035774+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 34.0.1
2024-09-17T22:27:03.870202+00:00 GitLab Importer Fixing VCID-5557-vu7d-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-4863.yml 34.0.1
2024-09-17T22:13:36.612941+00:00 GHSA Importer Fixing VCID-5557-vu7d-aaaa https://github.com/advisories/GHSA-j7hp-h8jx-5ppr 34.0.1
2024-09-17T22:13:36.244041+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab https://github.com/advisories/GHSA-56pw-mpj4-fxww 34.0.1
2024-05-18T00:35:07.738145+00:00 GitLab Importer Affected by VCID-zbbs-5sps-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2024-28219.yml 34.0.0rc4
2024-05-17T21:01:03.793984+00:00 GHSA Importer Affected by VCID-ydt8-c1kr-aaak https://github.com/advisories/GHSA-3f63-hfp8-52jq 34.0.0rc4
2024-04-24T04:23:56.060185+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 34.0.0rc4
2024-04-24T04:23:55.074908+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 34.0.0rc4
2024-04-24T03:58:28.018762+00:00 GitLab Importer Affected by VCID-ydt8-c1kr-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-50447.yml 34.0.0rc4
2024-04-23T23:17:17.322850+00:00 GithubOSV Importer Fixing VCID-5557-vu7d-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-j7hp-h8jx-5ppr/GHSA-j7hp-h8jx-5ppr.json 34.0.0rc4
2024-04-23T23:14:40.246326+00:00 GithubOSV Importer Fixing VCID-9rup-wxea-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-56pw-mpj4-fxww/GHSA-56pw-mpj4-fxww.json 34.0.0rc4
2024-04-23T17:14:44.125994+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab https://github.com/advisories/GHSA-56pw-mpj4-fxww 34.0.0rc4
2024-04-23T17:14:43.164738+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab None 34.0.0rc4
2024-01-10T07:00:58.161315+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 34.0.0rc2
2024-01-10T07:00:57.191041+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 34.0.0rc2
2024-01-09T19:04:55.711793+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab https://github.com/advisories/GHSA-56pw-mpj4-fxww 34.0.0rc2
2024-01-09T19:04:54.757312+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab None 34.0.0rc2
2024-01-03T23:46:51.172523+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab None 34.0.0rc1
2024-01-03T18:53:49.842199+00:00 PyPI Importer Fixing VCID-j3u2-u8bx-aaam https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:15:19.049482+00:00 Pypa Importer Fixing VCID-j3u2-u8bx-aaam https://github.com/pypa/advisory-database/blob/main/vulns/pillow/PYSEC-2023-175.yaml 34.0.0rc1
2024-01-03T17:52:58.374477+00:00 GitLab Importer Fixing VCID-9rup-wxea-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/GMS-2023-3137.yml 34.0.0rc1
2024-01-03T17:52:58.261627+00:00 GitLab Importer Fixing VCID-5557-vu7d-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pillow/CVE-2023-4863.yml 34.0.0rc1
2024-01-03T17:43:47.310606+00:00 GHSA Importer Fixing VCID-5557-vu7d-aaaa https://github.com/advisories/GHSA-j7hp-h8jx-5ppr 34.0.0rc1
2024-01-03T17:43:46.971930+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab https://github.com/advisories/GHSA-56pw-mpj4-fxww 34.0.0rc1
2024-01-03T14:56:46.391988+00:00 GHSA Importer Fixing VCID-9rup-wxea-aaab None 34.0.0rc1