3 matches found
CVE-2014-1932
CVE-2014-1932 affects Python Imaging Library (PIL) 1.1.7 and earlier and Pillow prior to 2.3.1. The vulnerability is caused by improper creation of temporary files in PIL components (DJPEG in JpegImagePlugin.py, Ghostscript in EpsImagePlugin.py, load in IptcImagePlugin.py, and _copy in Image.py),...
CVE-2014-1933
CVE-2014-1933 and related flaws affect Python Imaging Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1, where temporary-file handling and command-line file-name usage enable local and symlink-based attacks (e.g., load_djpeg, EpsImagePlugin.py, IptcImagePlugin.py, Image.py). Root causes inc...
CVE-2014-3007
The CVE-2014-3007 entry concerns Python Imaging Library (PIL) 1.1.7 and earlier and Pillow 2.3, where command injection could occur via shell metacharacters. The description states that vulnerable components include PIL/Pillow-related code and mentions CVE-2014-1932 with possible involvement of JpegImageP...