pkg:Bitnami/pillow

45 total CVEs: CRITICAL 8, HIGH 24, MEDIUM 13

All known vulnerabilities

  • CRITICAL 9.8 CVE-2020-5311: Buffer Copy without Checking Size of Input in Pillow
    from 0, < 6.2.2
  • CRITICAL 9.8 CVE-2022-22817: Arbitrary expression injection in Pillow
    from 0, < 9.0.1
  • CRITICAL 9.8 CVE-2020-5312: PCX P mode buffer overflow in Pillow
    from 0, < 6.2.2
  • CRITICAL 9.8 CVE-2021-34552: Buffer Overflow in Pillow
    >= 1.0.0, < 1.1.8, >= 1.2.0, < 8.2.1
  • CRITICAL 9.8 CVE-2021-25289: Out of bounds write in Pillow
    from 0, < 8.1.1
  • CRITICAL 9.1 CVE-2022-24303: Path traversal in Pillow
    from 0, < 9.0.1
  • CRITICAL 9.1 CVE-2021-25288: Pillow Out-of-bounds Read vulnerability
    from 0, < 8.2.0
  • CRITICAL 9.1 CVE-2021-25287: Out-of-bounds Read in Pillow
    from 0, < 8.2.0
  • HIGH 8.8 CVE-2020-5310: Integer overflow in Pillow
    from 0, < 6.2.2
  • HIGH 8.8 CVE-2020-35654: Pillow Out-of-bounds Write
    from 0, < 8.1.0
  • HIGH 8.1 CVE-2023-50447: Arbitrary Code Execution in Pillow
    from 0, < 10.1.1
  • HIGH 8.1 CVE-2020-11538: Out-of-bounds read in Pillow
    from 0, < 7.0.1
  • HIGH 7.8 CVE-2026-42311: Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)
    >= 10.3.0, < 12.2.0
  • HIGH 7.8 CVE-2020-10379: Buffer overflow in Pillow
    from 0, < 7.1.0
  • HIGH 7.5 CVE-2026-40192: Pillow is vulnerable to a FITS GZIP decompression bomb
    >= 10.3.0, < 12.2.0
  • HIGH 7.5 CVE-2026-25990: Pillow affected by out-of-bounds write when loading PSD images
    >= 10.3.0, < 12.1.1
  • HIGH 7.5 CVE-2023-44271: pillow - security update
    from 0, < 10.0.0
  • HIGH 7.5 CVE-2022-45199: Pillow subject to DoS via SAMPLESPERPIXEL tag
    from 0, < 9.3.0
  • HIGH 7.5 CVE-2022-45198: Pillow vulnerable to Data Amplification attack.
    from 0, < 9.2.0
  • HIGH 7.5 CVE-2022-30595: Buffer over-flow in Pillow
    >= 9.1.0, < 9.1.1
  • HIGH 7.5 CVE-2021-23437: Regular Expression Denial of Service (ReDoS)
    >= 5.2.0, < 8.3.2
  • HIGH 7.5 CVE-2021-28677: Uncontrolled Resource Consumption in Pillow
    from 0, < 8.2.0
  • HIGH 7.5 CVE-2021-28676: Potential infinite loop in Pillow
    from 0, < 8.2.0
  • HIGH 7.5 CVE-2021-25291: Out of bounds read in Pillow
    from 0, < 8.1.1
  • HIGH 7.5 CVE-2021-25290: Out-of-bounds Write in Pillow
    from 0, < 8.1.1
  • HIGH 7.5 CVE-2021-25293: Out of bounds read in Pillow
    from 0, < 8.1.1
  • HIGH 7.5 CVE-2021-27922: Pillow Uncontrolled Resource Consumption
    from 0, < 8.1.1
  • HIGH 7.5 CVE-2021-27921: Pillow Denial of Service by Uncontrolled Resource Consumption
    from 0, < 8.1.1
  • HIGH 7.5 CVE-2021-27923: Pillow Denial of Service by Uncontrolled Resource Consumption
    from 0, < 8.1.1
  • HIGH 7.1 CVE-2025-48379: Pillow vulnerability can cause write buffer overflow on BCn encoding
    >= 11.2.0
  • HIGH 7.1 CVE-2020-35653: pillow - security update
    from 0, < 8.1.0
  • HIGH 7.1 CVE-2020-5313: Out-of-bounds Read in Pillow
    from 0, < 6.2.2
  • MEDIUM 6.7 CVE-2024-28219: pillow - security update
    from 0
  • MEDIUM 6.5 CVE-2022-22815: pillow - security update
    from 0, < 9.0.0
  • MEDIUM 6.5 CVE-2022-22816: Out-of-bounds Read in Pillow
    from 0, < 9.0.0
  • MEDIUM 6.5 CVE-2021-25292: Regular Expression Denial of Service (ReDoS) in Pillow
    from 0, < 8.1.1
  • MEDIUM 5.5 CVE-2026-42310: Pillow has a PDF Parsing Trailer Infinite Loop (DoS)
    >= 4.2.0, < 12.2.0
  • MEDIUM 5.5 CVE-2026-42308: Pillow: Integer overflow when processing fonts
    from 0, < 12.2.0
  • MEDIUM 5.5 CVE-2026-42309: Pillow has a heap buffer overflow with nested list coordinates
    >= 11.2.1, < 12.2.0
  • MEDIUM 5.5 CVE-2020-10378: Out-of-bounds read in Pillow
    from 0, < 7.1.0
  • MEDIUM 5.5 CVE-2021-28678: Insufficient Verification of Data Authenticity in Pillow
    from 0, < 8.2.0
  • MEDIUM 5.5 CVE-2021-28675: Pillow denial of service
    from 0, < 8.2.0
  • MEDIUM 5.5 CVE-2020-10177: pillow - security update
    from 0, < 7.1.0
  • MEDIUM 5.5 CVE-2020-10994: Out-of-bounds reads in Pillow
    from 0, < 7.1.0
  • MEDIUM 5.4 CVE-2020-35655: Pillow Out-of-bounds Read
    >= 4.3.0, < 8.1.0