Python >> Pillow >> 1.7.1 Security Vulnerabilities
Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceedingly large amount, Pillow's tracking of the current position may lead to an integer overflow. This issue has been patched in version 12.2.0.
CVSS Score: 5.1 | EPSS Score: 0.0 | Published: 2026-05-09
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
CVSS Score: 6.7 | EPSS Score: 0.004 | Published: 2024-04-03
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
CVSS Score: 8.1 | EPSS Score: 0.008 | Published: 2024-01-19
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2023-11-03
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2022-11-14
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2022-11-14
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
CVSS Score: 9.1 | EPSS Score: 0.022 | Published: 2022-03-28
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.
CVSS Score: 9.8 | EPSS Score: 0.028 | Published: 2022-01-10
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
CVSS Score: 6.5 | EPSS Score: 0.001 | Published: 2022-01-10
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
CVSS Score: 6.5 | EPSS Score: 0.001 | Published: 2022-01-10

