Package impact

python PyPI / pillow

CVE Severity CVSS Risk Published Description Impact
CVE-2023-4863 high 9.5 3y ago Important: firefox security update redhat, debian, rockylinux, suse +5
CVE-2025-48379 high 8.0 11mo ago Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format… arch, suse, debian, python
CVE-2023-50447 high 8.0 2y ago Important: python-pillow security update suse, debian, python
CVE-2023-5129 high 8.0 3y ago libwebp: OOB write in BuildHuffmanTable redhat, rockylinux, suse, rust +4
CVE-2022-22815 high 8.0 4y ago Important: python-pillow security update suse, rockylinux, debian, python
CVE-2022-22816 high 8.0 4y ago Important: python-pillow security update suse, rockylinux, debian, python
CVE-2022-22817 high 8.0 4y ago Important: python-pillow security update suse, rockylinux, debian, python
CVE-2020-11538 high 8.0 6y ago In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. suse, rockylinux, debian, python
CVE-2020-5313 high 8.0 6y ago libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. suse, rockylinux, debian, python
CVE-2026-42311 high 7.8 7.8 19d ago Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow) debian, python
CVE-2016-9190 high 7.8 7.8 10y ago Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in … suse, debian, python
CVE-2026-25990 high 7.5 7.5 4mo ago Pillow affected by out-of-bounds write when loading PSD images suse, debian, python