
python pillow

60 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-42311
>= 10.3.0 and < 12.2.0
Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to me
7.8 HIGH
CVE-2026-42310
>= 4.2.0 and < 12.2.0
Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that cause
5.5 MEDIUM
CVE-2026-42309
>= 11.2.1 and < 12.2.0
Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that
5.5 MEDIUM
CVE-2026-42308
< 12.2.0
Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when
5.5 MEDIUM
CVE-2026-40192
>= 10.3.0 and < 12.2.0
Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when deco
7.5 HIGH
CVE-2026-25990
>= 10.3.0 and < 12.1.1
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially
7.5 HIGH
CVE-2025-48379
all versions
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficient
7.1 HIGH
CVE-2024-28219
< 10.3.0
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
6.7 MEDIUM
CVE-2023-50447
<= 10.1.0
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability
8.1 HIGH
CVE-2023-44271
< 10.0.0
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given
7.5 HIGH
CVE-2022-45199
< 9.3.0
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
7.5 HIGH
CVE-2022-45198
< 9.2.0
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
7.5 HIGH
CVE-2022-30595
all versions
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
9.8 CRITICAL
CVE-2022-24303
< 9.0.1
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
9.1 CRITICAL
CVE-2022-22817
< 9.0.1
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method
9.8 CRITICAL
CVE-2022-22816
< 9.0.0
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
6.5 MEDIUM
CVE-2022-22815
< 9.0.0
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
6.5 MEDIUM
CVE-2021-23437
>= 5.2.0 and < 8.3.2
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
7.5 HIGH
CVE-2021-34552
>= 1.0 and <= 1.1.7
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly i
9.8 CRITICAL
CVE-2021-28678
< 8.2.0
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to f
5.5 MEDIUM
CVE-2021-28677
< 8.2.0
An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with an
7.5 HIGH
CVE-2021-28676
< 8.2.0
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero
7.5 HIGH
CVE-2021-25288
< 8.2.0
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.
9.1 CRITICAL
CVE-2021-25287
< 8.2.0
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.
9.1 CRITICAL
CVE-2021-28675
< 8.2.0
An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers re
5.5 MEDIUM
CVE-2021-25293
< 8.1.1
An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.
7.5 HIGH
CVE-2021-25292
< 8.1.1
An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF fi
6.5 MEDIUM
CVE-2021-25291
< 8.1.1
An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid ti
7.5 HIGH
CVE-2021-25290
< 8.1.1
An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.
7.5 HIGH
CVE-2021-25289
< 8.1.1
An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files beca
9.8 CRITICAL
CVE-2021-27923
< 8.1.1
Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained im
7.5 HIGH
CVE-2021-27922
< 8.1.1
Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained im
7.5 HIGH
CVE-2021-27921
< 8.1.1
Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained im
7.5 HIGH
CVE-2020-35655
>= 4.3.0 and < 8.1.0
In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and l
5.4 MEDIUM
CVE-2020-35654
< 8.1.0
In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpret
8.8 HIGH
CVE-2020-35653
< 8.1.0
In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value i
7.1 HIGH
CVE-2020-11538
<= 7.0.0
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a d
8.1 HIGH
CVE-2020-10994
< 7.1.0
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.
5.5 MEDIUM
CVE-2020-10379
< 7.1.0
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
7.8 HIGH
CVE-2020-10378
< 7.1.0
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is in
5.5 MEDIUM
CVE-2020-10177
< 7.1.0
Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.
5.5 MEDIUM
CVE-2019-19911
< 6.2.2
There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bi
7.5 HIGH
CVE-2020-5313
< 6.2.2
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
7.1 HIGH
CVE-2020-5312
< 6.2.2
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
9.8 CRITICAL
CVE-2020-5311
< 6.2.2
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
9.8 CRITICAL
CVE-2020-5310
< 6.2.2
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
8.8 HIGH
CVE-2019-16865
< 6.2.0
An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocat
7.5 HIGH
CVE-2016-3076
all versions
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denia
5.5 MEDIUM
CVE-2016-9190
<= 3.3.1
Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, relat
7.8 HIGH
CVE-2016-9189
<= 3.3.1
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach,
5.5 MEDIUM
CVE-2016-4009
<= 3.1.0
Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers
9.8 CRITICAL
CVE-2016-2533
<= 3.1.0
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and
6.5 MEDIUM
CVE-2016-0775
<= 3.1.0
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause
6.5 MEDIUM
CVE-2016-0740
<= 3.1.0
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to
6.5 MEDIUM
CVE-2014-3598
<= 2.5.2
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.
CVE-2014-9601
<= 2.6.2
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a lar
CVE-2014-3589
<= 2.3.1
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to c
CVE-2014-3007
all versions
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell m
CVE-2014-1933
<= 2.3.0
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3
CVE-2014-1932
<= 2.3.0
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePl
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin