Information on source package pillow

Available versions

ReleaseVersion
jessie2.6.1-2+deb8u3
jessie (security)2.6.1-2+deb8u4
stretch4.0.0-4
buster5.4.1-2
bullseye6.2.1-2
sid7.0.0-3

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2020-5313fixedvulnerablevulnerablevulnerablefixedlibImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overfl ...
CVE-2020-5312fixedvulnerablevulnerablevulnerablefixedlibImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer ...
CVE-2020-5311fixedvulnerablevulnerablevulnerablefixedlibImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer ove ...
CVE-2020-5310fixedvulnerablevulnerablevulnerablefixedlibImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding int ...
CVE-2019-19911fixedvulnerablevulnerablevulnerablefixedThere is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImage ...
CVE-2019-16865vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn issue was discovered in Pillow before 6.2.0. When reading specially ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2016-3076vulnerablevulnerablevulnerablevulnerablevulnerableHeap-based buffer overflow in the j2k_encode_entry function in Pillow ...

Resolved issues

BugDescription
CVE-2016-9190Pillow before 3.3.2 allows context-dependent attackers to execute arbi ...
CVE-2016-9189Pillow before 3.3.2 allows context-dependent attackers to obtain sensi ...
CVE-2016-4009Integer overflow in the ImagingResampleHorizontal function in libImagi ...
CVE-2016-2533Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pil ...
CVE-2016-0775Buffer overflow in the ImagingFliDecode function in libImaging/FliDeco ...
CVE-2016-0740Buffer overflow in the ImagingLibTiffDecode function in libImaging/Tif ...
CVE-2014-9601Pillow before 2.7.0 allows remote attackers to cause a denial of servi ...
CVE-2014-3598The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote atta ...
CVE-2014-3589PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow befo ...
CVE-2014-3007Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allo ...
CVE-2014-1933The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python ...
CVE-2014-1932The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript fun ...

Security announcements

DSA / DLADescription
DLA-2057-1pillow - security update
DSA-3710-1pillow - security update
DSA-3499-1pillow - security update

Search for package or bug name: Reporting problems