Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi pillow Security Advisories

Browse all Security Advisories for pypi pillow

Loading...
Moderate
GSA_kwCzR0hTQS00NHdtLWYyNDQteGhwM84AA6j6
Pillow buffer overflow vulnerability
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: 5 months ago
High
GSA_kwCzR0hTQS04Z2hqLXA0dmotbXIzNc4AA250
Pillow Denial of Service vulnerability
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 10 months ago
High
GSA_kwCzR0hTQS01NnB3LW1wajQtZnh3d84AA2QC
Bundled libwebp in Pillow vulnerable
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1tMnZ2LTV2ajUtMmhtN84AAv2p
Pillow vulnerable to Data Amplification attack.
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xNG1wLWp2aDItNzZmas4AAv2m
Pillow subject to DoS via SAMPLESPERPIXEL tag
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1yN3JtLThqNmgtcjkzM84AAjLe
Buffer Copy without Checking Size of Input in Pillow
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 2 years ago
High
GSA_kwCzR0hTQS04bTl4LXB4d3EtajIzNs4AAelu
Pillow command injection
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12OXBjLTltdnAteDg3Z84AAbp5
Pillow Buffer overflow in Jpeg2KEncode.c
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS14ODk1LTJ3cm0taHZwN84AAbcx
PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1oNXJmLXZncXgtd2p2Ms4AAU_b
Pillow denial of service via PNG bomb
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1qNmY3LWc0MjUtNGdteM4AAU-u
Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jZm1yLTM4ZzktZjJoN84AAU-s
Pillow denial of service via Crafted Block Size
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS03NTM0LW1tNDUtYzc0ds0WKQ
Buffer Overflow in Pillow
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: almost 3 years ago
High
GSA_kwCzR0hTQS05OHZ2LXB3NnItcTZxNM0VnA
Uncontrolled Resource Consumption in pillow
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpncHYtNGg0Yy14aHcz
Uncontrolled Resource Consumption in pillow
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3bWotNzQ4eC03cDc4
DOS attack in Pillow when processing specially crafted image files
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: almost 5 years ago
Statistics
Advisories: 19,981
Packages: 8,796
Repositories: 4
Ecosystems: 12
Filter by Package
tensorflow 433 tensorflow-gpu 425 tensorflow-cpu 422 apache-airflow 85 django 80 ansible 63 salt 55 Plone 52 apache-superset 51 nova 47 mlflow 46 plone 43 rdiffweb 42 Pillow 41 Django 40 vyper 38 matrix-synapse 35 moin 35 opencv-contrib-python 31 opencv-python 31 keystone 31 glance 20 langchain 18 gradio 18 PaddlePaddle 17 mercurial 17 cobbler 17 neutron 16 pillow 16 cryptography 16 notebook 16 pyload-ng 15 paddlepaddle 15 ethyca-fides 15 pyftpdlib 14 modoboa 14 twisted 13 OctoPrint 13 vantage6 13 calibreweb 12 aiohttp 12 wagtail 12 roundup 12 urllib3 12 swift 12 onionshare-cli 11 horizon 11 zenml 11 trytond 10 opencv-python-headless 10 nautobot 10 opencv-contrib-python-headless 10 Flask-AppBuilder 10 zope 9 cinder 9 ryu 9 waitress 9 kiwitcms 9 Zope 9 ckan 8 python-keystoneclient 8 numpy 8 trac 8 aubio 8 sentry 8 label-studio 8 scrapy 7 pysaml2 7 lollms 7 mindsdb 7 jupyter-server 7 lief 7 pgadmin4 7 pip 7 ipython 7 matrix-sydent 7 litellm 7 graphite-web 6 tornado 6 apache-airflow-providers-apache-hive 6 Zope2 6 yt-dlp 6 mage-ai 6 inventree 6 lxml 6 tuf 6 web2py 6 mailman 6 requests 6 Moin 6 oauthenticator 5 Products.CMFPlone 5 torchserve 5 ait-core 5 bleach 5 feedparser 5 grpcio 5 grpc 5 Jinja2 5 jupyterhub 5 pyspark 5 pretix 5 omero-web 5 whoogle-search 5 saleor 5 paramiko 5 aim 5 lmdb 5 python-gnupg 5 nltk 5 mobsf 4 streamlit 4 Pygments 4 barbican 4 Keystone 4 awsiotsdk 4 markdown2 4 Radicale 4 langchain-experimental 4 nvflare 4 reportlab 4 indico 4 tripleo-heat-templates 4 werkzeug 4 datasette 4 Weblate 4 GitPython 4 starlette 4 esphome 4 Flask-Security-Too 4 Nova 4 jwcrypto 4 keylime 4 jupyterlab 4 dbt-core 4 bottle 4 FreeTAKServer-UI 4 dtale 4 qutebrowser 4 Werkzeug 4 transformers 4 indy-node 4 httpie 4 aws-iot-device-sdk-v2 4 Scrapy 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 buildbot 4 PyPDF2 4 flask 3 scikit-learn 3 ydata-profiling 3 httplib2 3 llama-index 3 openvpn-monitor 3 gerapy 3 ansible-core 3 ecdsa 3 homeassistant 3 pywasm3 3 sosreport 3 torch 3 sickrage 3 setuptools 3 vanna 3 Products.PluggableAuthService 3 bitlyshortener 3 h2o 3 openstack-heat 3 copyparty 3 keystonemiddleware 3 sanic 3 ray 3 poetry 3 asyncssh 3 anki 3 django-tinymce 3 TinyMCE 3 tinymce/tinymce 3 tinymce 3 quokka 3 apache-airflow-providers-apache-spark 3 pyarrow 3 sqlparse 3 pandasai 3 ajenti 3 SQLAlchemy 3 llama-index-core 3 apache-iotdb 3 pycrypto 3 django-helpdesk 3 io.grpc:grpc-protobuf 3 pyyaml 3 Red-DiscordBot 3 asyncua 3 wger 3 changedetection.io 3 keyring 3 plone.app.event 3 plone.app.theming 3 plone.app.dexterity 3