Pillow Security Vulnerabilities and Issues — Pillow CVE List

Lucene search

PythonPillow

6 matches found

CVE•added 2021/03/19 4:15 a.m.•256 views

CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.

6.5CVSS7.4AI score0.00162EPSS

CVE•added 2022/01/10 2:12 p.m.•255 views

CVE-2022-22816

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.

6.5CVSS7.9AI score0.00149EPSS

CVE•added 2022/01/10 2:12 p.m.•249 views

CVE-2022-22815

path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.

6.5CVSS7.7AI score0.00095EPSS

CVE•added 2016/04/13 4:59 p.m.•170 views

CVE-2016-2533

Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.

6.5CVSS6.2AI score0.01184EPSS

CVE•added 2016/04/13 4:59 p.m.•127 views

CVE-2016-0775

Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.

6.5CVSS6.2AI score0.01369EPSS

CVE•added 2016/04/13 4:59 p.m.•120 views

CVE-2016-0740

Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.

6.5CVSS6.4AI score0.00274EPSS