Python Pillow vulnerabilities

58 known vulnerabilities affecting python/pillow.

Total CVEs: 58
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 2
Severity breakdown: CRITICAL 11, HIGH 26, MEDIUM 20, LOW 1

Vulnerabilities

Page 2 of 3
CVE-2021-28676 | HIGH | CVSS 7.5 | fixed in 8.2.0 | 2021-06-02
CWE-835: An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.
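The FLI entry above is a size field trusted as the loop advance: a chunk whose declared size is 0 leaves the cursor where it was, so the decoder re-reads the same header forever. The following is an added example in Python, not Pillow's code. It models the FLI chunk shape (a 4-byte little-endian size that counts its own 6-byte header, then a 2-byte type; the real file also carries a 128-byte file header and 16-byte frame headers, which are left out here) and shows the unchecked walk beside the checked one. The sample bytes are constructed, and the unchecked walker is given an iteration cap only so the stall is observable.

```python
import struct

# FLI/FLC chunk header: little-endian 4-byte size that counts the header itself,
# then a 2-byte type (0xF1FA marks a frame; sub-chunk ids appear inside a frame).
CHUNK_HDR = struct.Struct("<IH")
HDR_LEN = CHUNK_HDR.size  # 6


def build_chunk(chunk_type, payload):
    """Constructed helper for the samples below: serialise one chunk."""
    return CHUNK_HDR.pack(HDR_LEN + len(payload), chunk_type) + payload


def walk_chunks_unchecked(data, max_iterations=10_000):
    """The unchecked pattern: trust the size field and add it to the cursor.
    A size of 0 never moves the cursor, so the loop only ends because of the
    iteration cap added here to make the hang observable. Returns the number
    of headers read."""
    offset = 0
    reads = 0
    while offset + HDR_LEN <= len(data) and reads < max_iterations:
        size, _ = CHUNK_HDR.unpack_from(data, offset)
        reads += 1
        offset += size  # zero advance: the same header is read again next pass
    return reads


def walk_chunks(data):
    """Checked walker: every chunk must move the cursor forward by at least its
    own header length and must end inside the buffer. Returns a list of
    (type, payload) pairs or raises ValueError on a chunk that would stall
    or overrun."""
    chunks = []
    offset = 0
    while offset < len(data):
        if offset + HDR_LEN > len(data):
            raise ValueError(f"chunk header at {offset} runs past end of data")
        size, chunk_type = CHUNK_HDR.unpack_from(data, offset)
        if size < HDR_LEN:
            raise ValueError(f"chunk at {offset} declares size {size}: no forward progress")
        if offset + size > len(data):
            raise ValueError(f"chunk at {offset} declares size {size}, past {len(data)} bytes")
        chunks.append((chunk_type, data[offset + HDR_LEN:offset + size]))
        offset += size  # strictly increases by at least HDR_LEN, so the loop terminates
    return chunks


# Constructed samples: a well-formed sequence, and the same bytes with a
# zero-size chunk appended (the case the unchecked loop never gets past).
GOOD = build_chunk(0xF1FA, b"\x01\x02\x03\x04") + build_chunk(0x0004, b"\x05\x06")
STALLED = GOOD + CHUNK_HDR.pack(0, 0x0007)
```

The same rule applies to any length-prefixed container where the length includes its own header: reject anything smaller than the header before adding it to the cursor, and reject anything that ends past the buffer before reading the payload.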
CVE-2021-28675 | MEDIUM | CVSS 5.5 | fixed in 8.2.0 | 2021-06-02
CWE-252: An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.
CVE-2021-28678 | MEDIUM | CVSS 5.5 | fixed in 8.2.0 | 2021-06-02
CWE-345: An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.
CVE-2021-25289 | CRITICAL | CVSS 9.8 | fixed in 8.1.1 | 2021-03-19
An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.
CVE-2021-25291 | HIGH | CVSS 7.5 | fixed in 8.1.1 | 2021-03-19
CWE-125: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.
CVE-2021-25290 | HIGH | CVSS 7.5 | fixed in 8.1.1 | 2021-03-19
CWE-787: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.
CVE-2021-25293 | HIGH | CVSS 7.5 | fixed in 8.1.1 | 2021-03-19
CWE-125: An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.
CVE-2021-25292 | MEDIUM | CVSS 6.5 | fixed in 8.1.1 | 2021-03-19
CWE-1333: An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.
CVE-2021-27923 | HIGH | CVSS 7.5 | fixed in 8.1.1 | 2021-03-03
CWE-20: Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.
CVE-2021-27921 | HIGH | CVSS 7.5 | fixed in 8.1.1 | 2021-03-03
CWE-20: Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.
CVE-2021-27922 | HIGH | CVSS 7.5 | fixed in 8.1.1 | 2021-03-03
CWE-20: Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.
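The three memory-consumption entries above (ICO, BLP, ICNS) share one root cause: the dimensions a contained image reports for itself were used to size an allocation without any bound, so a few bytes of header can demand gigabytes. Pillow's general mitigation for that class is its decompression-bomb check, driven by Image.MAX_IMAGE_PIXELS (default 1024 * 1024 * 1024 // 4 // 3, i.e. 89,478,485 pixels). The following is an added example in Python, not Pillow's code: a validator for an ICO container whose frames are PNG-compressed, applying that pixel budget to the embedded image's own IHDR before anything is allocated, together with the bounds check on entry offsets that the BLP entry (CVE-2021-28678) describes. Only PNG frames are handled, the requirement in step 4 that the embedded size agree with the directory entry is a policy choice of this example, and the sample files are constructed by the two build_ helpers.

```python
import struct
import zlib

# Pillow's default decompression-bomb threshold (Image.MAX_IMAGE_PIXELS):
# a quarter of a 1 GiB allocation at 3 bytes per pixel.
MAX_IMAGE_PIXELS = 1024 * 1024 * 1024 // 4 // 3
BYTES_PER_PIXEL = 4  # what an RGBA frame buffer would cost per pixel

ICONDIR = struct.Struct("<HHH")            # reserved, type (1 = icon), entry count
ICONDIRENTRY = struct.Struct("<BBBBHHII")  # w, h, colours, reserved, planes, bpp, size, offset
PNG_SIG = b"\x89PNG\r\n\x1a\n"
MIN_PNG = len(PNG_SIG) + 4 + 4 + 13 + 4    # signature plus a complete IHDR chunk


def _png_chunk(tag, body):
    crc = zlib.crc32(tag + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + tag + body + struct.pack(">I", crc)


def build_png(width, height, declared=None):
    """Constructed helper: a valid single-colour RGBA PNG of width x height whose
    IHDR may instead declare `declared` dimensions, modelling a crafted frame."""
    w, h = declared or (width, height)
    ihdr = struct.pack(">IIBBBBB", w, h, 8, 6, 0, 0, 0)  # 8-bit, colour type 6 = RGBA
    raw = b"".join(b"\x00" + b"\x00\x80\xff\xff" * width for _ in range(height))
    return (PNG_SIG + _png_chunk(b"IHDR", ihdr)
            + _png_chunk(b"IDAT", zlib.compress(raw)) + _png_chunk(b"IEND", b""))


def build_ico(frames):
    """Constructed helper: pack (entry_w, entry_h, png_bytes) tuples into an ICO.
    A directory byte of 0 means 256 in the format, hence the % 256."""
    offset = ICONDIR.size + ICONDIRENTRY.size * len(frames)
    entries, blobs = [], []
    for w, h, png in frames:
        entries.append(ICONDIRENTRY.pack(w % 256, h % 256, 0, 0, 1, 32, len(png), offset))
        blobs.append(png)
        offset += len(png)
    return ICONDIR.pack(0, 1, len(frames)) + b"".join(entries) + b"".join(blobs)


def check_ico(data, max_pixels=MAX_IMAGE_PIXELS):
    """Validate every frame's reported size before any pixel buffer is allocated.
    Returns [(width, height, bytes_needed), ...] or raises ValueError."""
    if len(data) < ICONDIR.size:
        raise ValueError("too short for an ICONDIR header")
    reserved, kind, count = ICONDIR.unpack_from(data, 0)
    if reserved != 0 or kind != 1:
        raise ValueError("not an ICO container")
    frames = []
    for i in range(count):
        pos = ICONDIR.size + i * ICONDIRENTRY.size
        if pos + ICONDIRENTRY.size > len(data):
            raise ValueError(f"directory entry {i} is truncated")
        ew, eh, _, _, _, _, size, offset = ICONDIRENTRY.unpack_from(data, pos)
        # 1. The entry must lie inside the container: a jump to an offset that
        #    returns no data is an error, not an empty frame to keep decoding.
        if size < MIN_PNG or offset + size > len(data):
            raise ValueError(f"entry {i}: offset {offset} size {size} outside {len(data)}-byte file")
        blob = data[offset:offset + size]
        if not blob.startswith(PNG_SIG) or blob[12:16] != b"IHDR":
            raise ValueError(f"entry {i}: only PNG frames are handled by this example")
        # 2. Read the dimensions the embedded image reports for itself.
        width, height = struct.unpack_from(">II", blob, len(PNG_SIG) + 8)
        # 3. The missing check: bound the allocation those dimensions imply
        #    before trusting them.
        if width == 0 or height == 0 or width * height > max_pixels:
            raise ValueError(f"entry {i}: {width}x{height} exceeds the {max_pixels}-pixel budget")
        # 4. Policy for this example: the embedded size must match the directory
        #    entry (0 in the directory means 256).
        if (width, height) != (ew or 256, eh or 256):
            raise ValueError(f"entry {i}: PNG is {width}x{height}, directory says {ew or 256}x{eh or 256}")
        frames.append((width, height, width * height * BYTES_PER_PIXEL))
    return frames


# Constructed samples: a benign 16x16 icon, and one whose embedded PNG claims
# 65535x65535 (about 17 GB of RGBA) while the directory still says 16x16.
BENIGN_ICO = build_ico([(16, 16, build_png(16, 16))])
BOMB_ICO = build_ico([(16, 16, build_png(16, 16, declared=(65535, 65535)))])
```

The order of the checks matters: the bounds test in step 1 runs before any byte of the frame is read, and the pixel budget in step 3 runs before the size is used for anything, so a crafted header is rejected with nothing larger than the container itself ever in memory.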
CVE-2020-35653 | HIGH | CVSS 7.1 | fixed in 8.1.0 | 2021-01-12
CWE-125: In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.
CVE-2020-35654 | HIGH | CVSS 8.8 | fixed in 8.1.0 | 2021-01-12
CWE-787: In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
CVE-2020-35655 | MEDIUM | CVSS 5.4 | affected ≥ 4.3.0, < 8.1.0 | 2021-01-12
CWE-125: In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
CVE-2020-10379 | HIGH | CVSS 7.8 | fixed in 7.1.0 | 2020-06-25
CWE-120: In Pillow before 7.1.0, there are two buffer overflows in libImaging/TiffDecode.c.
CVE-2020-11538 | HIGH | CVSS 8.1 | affected ≤ 7.0.0 | 2020-06-25
CWE-125: In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
CVE-2020-10378 | MEDIUM | CVSS 5.5 | fixed in 7.1.0 | 2020-06-25
CWE-125: In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
CVE-2020-10994 | MEDIUM | CVSS 5.5 | fixed in 7.1.0 | 2020-06-25
CWE-125: In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.
CVE-2020-10177 | MEDIUM | CVSS 5.5 | fixed in 7.1.0 | 2020-06-25
CWE-125: Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.
CVE-2019-19911 | HIGH | CVSS 7.5 | fixed in 6.2.2 | 2020-01-05
CWE-190: There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being t