Pillow Security Vulnerabilities and Issues — Pillow CVE List

Lucene search

PythonPillow

3 matches found

CVE•added 2022/01/10 2:12 p.m.•829 views

CVE-2022-22817

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.

9.8CVSS8.9AI score0.02548EPSS

CVE•added 2022/01/10 2:12 p.m.•250 views

CVE-2022-22816

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.

6.5CVSS7.9AI score0.00149EPSS

CVE•added 2022/01/10 2:12 p.m.•245 views

CVE-2022-22815

path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.

6.5CVSS7.7AI score0.00095EPSS