pillow vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

| CVE-ID | Severity | Package summary |
| --- | --- | --- |
| CVE-2026-42311 | High | pillow: Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow) |
| CVE-2026-42310 | Medium | pillow: Pillow has a PDF Parsing Trailer Infinite Loop (DoS) |
| CVE-2026-42308 | Medium | pillow: Pillow has an integer overflow when processing fonts |
| CVE-2026-42309 | Medium | pillow: Pillow has a heap buffer overflow with nested list coordinates |
| CVE-2026-40192 | High | pillow: FITS GZIP decompression bomb in Pillow |
| CVE-2026-25990 | High | pillow: Pillow affected by out-of-bounds write when loading PSD images |
| CVE-2025-48379 | High | pillow: Pillow vulnerability can cause write buffer overflow on BCn encoding |
| CVE-2024-28219 | High | pillow: Pillow buffer overflow vulnerability |
| CVE-2023-50447 | Critical | Pillow: Arbitrary Code Execution in Pillow |
| CVE-2023-44271 | High | pillow: Pillow Denial of Service vulnerability |
| CVE-2023-4863 | High | libwebp-sys2: libwebp: OOB write in BuildHuffmanTable |
| CVE-2022-45198 | High | pillow: Pillow vulnerable to Data Amplification attack. |
| CVE-2022-45199 | High | pillow: Pillow subject to DoS via SAMPLESPERPIXEL tag |
| CVE-2022-30595 | High | Pillow: Buffer over-flow in Pillow |
| CVE-2020-5311 | Critical | pillow: Buffer Copy without Checking Size of Input in Pillow |
| CVE-2014-3007 | Critical | pillow: Pillow command injection |
| CVE-2016-3076 | High | pillow: Pillow Buffer overflow in Jpeg2KEncode.c |
| CVE-2014-1932 | High | pillow: PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles |
| CVE-2014-9601 | High | pillow: Pillow denial of service via PNG bomb |
| CVE-2014-3598 | High | pillow: Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin |
| CVE-2014-3589 | High | pillow: Pillow denial of service via Crafted Block Size |
| GHSA-4FX9-VC88-Q2XC | Low | Pillow: Infinite loop in Pillow |
| CVE-2022-24303 | High | Pillow: Path traversal in Pillow |
| CVE-2022-22815 | Medium | Pillow: Improper Initialization in Pillow |
| CVE-2022-22816 | Medium | Pillow: Out-of-bounds Read in Pillow |
