Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of service (OOM crash or severe performance degradation). If users are unable to immediately upgrade, they should only open specific image formats, excluding FITS, as a workaround.
CVSS Score
8.7
EPSS Score
0.0
Published
2026-04-15
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-02-11
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-07-01
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
CVSS Score
6.7
EPSS Score
0.004
Published
2024-04-03
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
CVSS Score
8.1
EPSS Score
0.007
Published
2024-01-19
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-11-03
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
CVSS Score
7.5
EPSS Score
0.003
Published
2022-11-14
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-11-14
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-05-25
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
CVSS Score
9.1
EPSS Score
0.014
Published
2022-03-28
Page 1