pkg:Debian/pillow

73 total CVEsCRITICAL10HIGH38MEDIUM25

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2020-5311Buffer Copy without Checking Size of Input in Pillow
from 0, < 7.0.0-1
CRITICAL9.8CVE-2014-3007Pillow command injection
from 0, < 2.4.0-1
CRITICAL9.8CVE-2022-22817Arbitrary expression injection in Pillow
from 0, < 8.1.2+dfsg-0.3+deb11u1
CRITICAL9.8CVE-2020-5312PCX P mode buffer overflow in Pillow
from 0, < 7.0.0-1
CRITICAL9.8CVE-2021-34552Buffer Overflow in Pillow
from 0, < 8.1.2+dfsg-0.3
CRITICAL9.8CVE-2021-25289Out of bounds write in Pillow
from 0, < 8.1.1-1
CRITICAL9.8CVE-2016-4009Pillow Integer overflow in ImagingResampleHorizontal
from 0, < 3.1.1-1
CRITICAL9.1CVE-2022-24303Path traversal in Pillow
from 0, < 8.1.2+dfsg-0.3+deb11u3
CRITICAL9.1CVE-2021-25288Pillow Out-of-bounds Read vulnerability
from 0, < 8.1.2+dfsg-0.2
CRITICAL9.1CVE-2021-25287Out-of-bounds Read in Pillow
from 0, < 8.1.2+dfsg-0.2
HIGH8.8CVE-2020-5310Integer overflow in Pillow
from 0, < 7.0.0-1
HIGH8.8CVE-2020-35654Pillow Out-of-bounds Write
from 0, < 8.1.0-1
HIGH8.1CVE-2023-50447Arbitrary Code Execution in Pillow
from 0, < 8.1.2+dfsg-0.3+deb11u2
HIGH8.1CVE-2023-50447Arbitrary Code Execution in Pillow
from 0, < 5.4.1-2+deb10u4
HIGH8.1CVE-2020-11538Out-of-bounds read in Pillow
from 0, < 7.2.0-1
HIGH7.8CVE-2026-42311Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)
from 0
HIGH7.8CVE-2020-10379Buffer overflow in Pillow
from 0, < 7.2.0-1
HIGH7.8CVE-2016-9190Arbitrary code using "crafted image file" approach affecting Pillow
from 0, < 3.4.2-1
HIGH7.7CVE-2014-1932PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles
from 0, < 2.4.0-1
HIGH7.5CVE-2026-40192Pillow is vulnerable to a FITS GZIP decompression bomb
from 0, < 11.1.0-5+deb13u2
HIGH7.5CVE-2026-25990Pillow affected by out-of-bounds write when loading PSD images
from 0, < 11.1.0-5+deb13u1
HIGH7.5CVE-2026-25990Pillow affected by out-of-bounds write when loading PSD images
from 0, < 11.1.0-5+deb13u1
HIGH7.5CVE-2023-44271pillow - security update
from 0, < 8.1.2+dfsg-0.3+deb11u2
HIGH7.5CVE-2023-44271pillow - security update
from 0, < 8.1.2+dfsg-0.3+deb11u2
HIGH7.5CVE-2022-45198Pillow vulnerable to Data Amplification attack.
from 0, < 8.1.2+dfsg-0.3+deb11u3
HIGH7.5CVE-2022-45199Pillow subject to DoS via SAMPLESPERPIXEL tag
from 0, < 9.3.0-1
HIGH7.5CVE-2022-30595Buffer over-flow in Pillow
from 0, < 9.1.1-1
HIGH7.5CVE-2014-9601Pillow denial of service via PNG bomb
from 0, < 2.6.1-2
HIGH7.5CVE-2014-3589python-imaging - security update
from 0, < 2.5.3-1
HIGH7.5CVE-2014-3598Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin
from 0, < 2.5.3-1
HIGH7.5CVE-2021-23437Regular Expression Denial of Service (ReDoS)
from 0, < 8.1.2+dfsg-0.3+deb11u3
HIGH7.5CVE-2021-23437Regular Expression Denial of Service (ReDoS)
from 0, < 8.1.2+dfsg-0.3+deb11u3
HIGH7.5CVE-2021-23437Regular Expression Denial of Service (ReDoS)
from 0, < 5.4.1-2+deb10u5
HIGH7.5CVE-2021-28677Uncontrolled Resource Consumption in Pillow
from 0, < 8.1.2+dfsg-0.2
HIGH7.5CVE-2021-28676Potential infinite loop in Pillow
from 0, < 8.1.2+dfsg-0.2
HIGH7.5CVE-2021-25291Out of bounds read in Pillow
from 0, < 8.1.1-1
HIGH7.5CVE-2021-25290Out-of-bounds Write in Pillow
from 0, < 8.1.1-1
HIGH7.5CVE-2021-25293Out of bounds read in Pillow
from 0, < 8.1.1-1
HIGH7.5CVE-2021-27922Pillow Uncontrolled Resource Consumption
from 0, < 8.1.2-1
HIGH7.5CVE-2021-27921Pillow Denial of Service by Uncontrolled Resource Consumption
from 0, < 8.1.2-1
HIGH7.5CVE-2021-27923Pillow Denial of Service by Uncontrolled Resource Consumption
from 0, < 8.1.2-1
HIGH7.5CVE-2019-19911pillow - security update
from 0, < 7.0.0-1
HIGH7.5CVE-2019-19911pillow - security update
from 0, < 2.6.1-2+deb8u4
HIGH7.5CVE-2019-19911pillow - security update
from 0, < 4.0.0-4+deb9u1
HIGH7.5CVE-2019-16865DOS attack in Pillow when processing specially crafted image files
from 0, < 6.2.0-1
HIGH7.1CVE-2020-35653pillow - security update
from 0, < 8.1.0-1
HIGH7.1CVE-2020-35653pillow - security update
from 0, < 4.0.0-4+deb9u3
HIGH7.1CVE-2020-5313Out-of-bounds Read in Pillow
from 0, < 7.0.0-1
MEDIUM6.7CVE-2024-28219pillow - security update
from 0, < 8.1.2+dfsg-0.3+deb11u2
MEDIUM6.7CVE-2024-28219pillow - security update
from 0, < 5.4.1-2+deb10u6
MEDIUM6.5CVE-2022-22815pillow - security update
from 0, < 5.4.1-2+deb10u3
MEDIUM6.5CVE-2022-22815pillow - security update
from 0, < 4.0.0-4+deb9u4
MEDIUM6.5CVE-2022-22815pillow - security update
from 0, < 8.1.2+dfsg-0.3+deb11u1
MEDIUM6.5CVE-2022-22816Out-of-bounds Read in Pillow
from 0, < 8.1.2+dfsg-0.3+deb11u1
MEDIUM6.5CVE-2021-25292Regular Expression Denial of Service (ReDoS) in Pillow
from 0, < 8.1.1-1
MEDIUM6.5CVE-2016-0775python-imaging - security update
from 0, < 3.1.1-1
MEDIUM6.5CVE-2016-2533Pillow buffer overflow in ImagingPcdDecode
from 0, < 3.1.1-1
MEDIUM6.5CVE-2016-0740pillow - security update
from 0, < 3.1.1-1
MEDIUM6.5CVE-2016-0740pillow - security update
from 0, < 2.6.1-2+deb8u2
MEDIUM5.5CVE-2026-42310Pillow has a PDF Parsing Trailer Infinite Loop (DoS)
from 0
MEDIUM5.5CVE-2026-42308Pillow: Integer overflow when processing fonts
from 0
MEDIUM5.5CVE-2026-42309Pillow has a heap buffer overflow with nested list coordinates
from 0, < 12.2.0-1
MEDIUM5.5CVE-2016-3076Pillow Buffer overflow in Jpeg2KEncode.c
from 0, < 3.2.0-1
MEDIUM5.5CVE-2020-10378Out-of-bounds read in Pillow
from 0, < 7.2.0-1
MEDIUM5.5CVE-2021-28678Insufficient Verification of Data Authenticity in Pillow
from 0, < 8.1.2+dfsg-0.2
MEDIUM5.5CVE-2021-28675Pillow denial of service
from 0, < 8.1.2+dfsg-0.2
MEDIUM5.5CVE-2020-10177pillow - security update
from 0, < 7.2.0-1
MEDIUM5.5CVE-2020-10177pillow - security update
from 0, < 4.0.0-4+deb9u2
MEDIUM5.5CVE-2020-10994Out-of-bounds reads in Pillow
from 0, < 7.2.0-1
MEDIUM5.5CVE-2016-9189pillow - security update
from 0, < 3.4.2-1
MEDIUM5.5CVE-2016-9189pillow - security update
from 0, < 2.6.1-2+deb8u3
MEDIUM5.4CVE-2020-35655Pillow Out-of-bounds Read
from 0, < 8.1.0-1
MEDIUM4.0CVE-2014-1933Pillow Temporary file name leakage
from 0, < 2.4.0-1