Workflow

Pillow

Latest version: v10.3.0

The latest version of pillow with no known security vulnerabilities is 10.3.0. We recommend installing version 10.3.0.

The information on this page was curated by experts in our Cybersecurity Intelligence Team.

Latest release
v10.3.0 at April 1, 2024
License
HPND (Historical Permission Notice and Disclaimer)

Description

Python Imaging Library (Fork)

Resources

Vulnerabilities (60)

See all vulnerabilities
CVE-2014-3589
Affected versions:

<2.3.2 | >=2.5.0,<2.5.2

Pillow versions 2.3.2 and 2.5.2 include a fix for CVE-2014-358…
CVE-2022-45199
Affected versions:

>=9.2.0,<9.3.0

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIX…
CVE-2022-45198
Affected versions:

<9.2.0

Pillow before 9.2.0 performs Improper Handling of Highly Compr…
CVE-2022-30595
Affected versions:

<9.1.1

Pillow 9.1.1 addresses the CVE-2022-30595: libImaging/TgaRleDe…
PVE-2023-55182
Affected versions:

>=9.1.0,<9.3.0

Pillow 9.3.0 includes a security fix: Pillow will now decode t…
CVE-2022-30595
Affected versions:

>=9.1.0,<9.1.1

libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer ov…

Versions (97)

See all versions

Has known vulnerabilities

  • 10.3.0
  • 10.2.0
  • 10.1.0
  • 10.0.1
  • 10.0.0
  • 9.5.0
  • 9.4.0
  • 9.3.0
  • 9.2.0
  • 9.1.1
  • 9.1.0
  • 9.0.1
  • 9.0.0
  • 8.4.0
  • 8.3.2
  • 8.3.1
  • 8.3.0
  • 8.2.0
  • 8.1.2
  • 8.1.1