VIR Vulnerability Intelligence Relay

Package impact

python PyPI / pillow

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2023-4863 high 9.5 3y ago Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect …
CVE-2025-48379 high 8.0 11mo ago Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format…
CVE-2023-50447 high 8.0 2y ago RHSA-2024:0893: python-pillow security update (Important)
CVE-2023-5129 high 8.0 3y ago RHSA-2023:5309: libwebp security update (Important)
CVE-2020-5311 high 8.0 4y ago RHSA-2020:0580: python-pillow security update (Important)
CVE-2022-22815 high 8.0 4y ago RHSA-2022:0643: python-pillow security update (Important)
CVE-2022-22816 high 8.0 4y ago RHSA-2022:0643: python-pillow security update (Important)
CVE-2022-22817 high 8.0 4y ago RHSA-2022:0643: python-pillow security update (Important)
CVE-2020-5312 high 8.0 5y ago RHSA-2020:0580: python-pillow security update (Important)
CVE-2020-11538 high 8.0 6y ago RHSA-2020:3185: python-pillow security update (Important)
CVE-2020-5313 high 8.0 6y ago RHSA-2020:3185: python-pillow security update (Important)
CVE-2019-16865 high 8.0 7y ago RHSA-2020:0580: python-pillow security update (Important)
CVE-2026-42311 high 7.8 7.8 26d ago Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)
CVE-2016-9190 high 7.8 7.8 10y ago Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in …
CVE-2026-25990 high 7.5 7.5 4mo ago Pillow affected by out-of-bounds write when loading PSD images