
10 matches found

SUSE CVE
added 2026/05/13 2:22 p.m., 5 views

SUSE CVE-2026-42309

Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursive...

CVSS 8.6, AI score 5.8, EPSS 0.00015
Exploits: 0, References: 3

OSV
added 2026/05/12 8:54 a.m., 4 views

BIT-PILLOW-2026-42309 Pillow: Heap buffer overflow with nested list coordinates

Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursive...

CVSS 5.5, AI score 5.8, EPSS 0.00015
Exploits: 0, References: 3

Snyk
added 2026/05/04 8:18 p.m., 3 views

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow in ImagePath.Path, ImageDraw.ImageDraw.polygon, and ImageDraw.ImageDraw.line, all of which accept nested coordinates as input. An attacker can cause denial of service by supplying nested lists as coordinates,...

CVSS 8.6, AI score 5.8, EPSS 0.00015
Exploits: 0, References: 2

Positive Technologies
added 2026/05/04 12:0 a.m., 3 views

PT-2026-37198

Name of the Vulnerable Software and Affected Versions: Pillow versions 11.2.1 through 12.1.x. Description: Passing nested lists as coordinates to APIs that accept coordinates, such as 'ImagePath.Path', 'ImageDraw.ImageDraw.polygon', and 'ImageDraw.ImageDraw.line', can cause a heap buffer overflow...

CVSS 5.5, AI score 6.5, EPSS 0.00015
Exploits: 0, References: 10

Tenable Nessus
added 2026/01/20 12:0 a.m., 3 views

MiracleLinux 7 : python-pillow-2.0.0-24.gitd1c6db8.el7 (AXSA:2024-7452:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7452:01 advisory. python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument (CVE-2023-44271). Tenable has extract...

CVSS 7.5, AI score 7.7, EPSS 0.00236
Exploits: 0, References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m., 3 views

MiracleLinux 8 : python-pillow-5.1.1-20.el8 (AXSA:2024-8290:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8290:04 advisory. python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument (CVE-2023-44271). Tenable has extract...

CVSS 7.5, AI score 5.5, EPSS 0.00236
Exploits: 0, References: 2

RedHat Linux
added 2024/05/22 10:16 a.m., 2 views

python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument

A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...

CVSS 7.5, AI score 7.1, EPSS 0.00236
Exploits: 0, References: 6

RedHat Linux
added 2024/02/29 7:47 p.m., 1 views

python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument

A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...

CVSS 7.5, AI score 7.1, EPSS 0.00236
Exploits: 0, References: 6

Amazon
added 2023/12/14 12:0 a.m., 1 views

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw...

CVSS 7.5, AI score 6.8, EPSS 0.00236
Exploits: 0

PyPA
added 2023/11/03 5:15 a.m., 5 views

PYSEC-2023-227

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

CVSS 7.5, AI score 7, EPSS 0.00236
Exploits: 0, References: 3, Affected Software: 1