7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
10 packages
- python314Packages.pypillowfight
- python313Packages.pypillowfight
- python314Packages.types-pillow
- python314Packages.pillowfight
- python314Packages.pillow-jpls
- python314Packages.pillow-heif
- python313Packages.types-pillow
- python313Packages.pillow-jpls
- python313Packages.pillowfight
- python313Packages.pillow-heif
- @LeSuisse ignored maintainer @mweinelt maintainer.ignore
- @LeSuisse accepted
- @LeSuisse published on GitHub
Pillow: `FontFile.compile()`: `Image.new()` called without `_decompression_bomb_check()`
Pillow is a Python imaging library. Prior to 12.3.0, PIL/FontFile.py FontFile.compile() assembled per-glyph images into a combined bitmap with Image.new("1", (xsize, ysize)) without calling Image._decompression_bomb_check(), allowing a font to trigger excessive allocation during conversion or saving. This issue is fixed in version 12.3.0.
References
-
https://github.com/python-pillow/Pillow/security/advisories/GHSA-5x94-69rx-g8h2 x_refsource_CONFIRM
Affected products
- ==< 12.3.0
Matching in nixpkgs
pkgs.python313Packages.pillow
Friendly PIL fork (Python Imaging Library)
Ignored packages (10)
pkgs.python313Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python313Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python313Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python314Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python314Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python314Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python313Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python314Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python313Packages.pypillowfight
Library containing various image processing algorithms
Package maintainers
Ignored maintainers (1)
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
4.5 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): Low (L)
- Integrity (I): Low (L)
- Availability (A): Low (L)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): Low (L)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
10 packages
- python314Packages.pypillowfight
- python313Packages.pypillowfight
- python314Packages.pillowfight
- python313Packages.types-pillow
- python314Packages.pillow-jpls
- python314Packages.pillow-heif
- python313Packages.pillowfight
- python313Packages.pillow-jpls
- python314Packages.types-pillow
- python313Packages.pillow-heif
- @LeSuisse ignored maintainer @mweinelt maintainer.ignore
- @LeSuisse accepted
- @LeSuisse published on GitHub
Pillow: WindowsViewer.get_command() OS command injection via unescaped shell path
Pillow is a Python imaging library. Prior to 12.3.0, WindowsViewer.get_command() constructed a cmd.exe shell command by directly embedding a file path into an f-string without escaping and passed the result to subprocess.Popen(..., shell=True), allowing shell metacharacters in the file path to inject arbitrary cmd.exe commands. This issue is fixed in version 12.3.0.
References
-
https://github.com/python-pillow/Pillow/security/advisories/GHSA-4x4j-2g7c-83w6 x_refsource_CONFIRM
Affected products
- ==< 12.3.0
Matching in nixpkgs
pkgs.python313Packages.pillow
Friendly PIL fork (Python Imaging Library)
Ignored packages (10)
pkgs.python313Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python313Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python313Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python314Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python314Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python314Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python313Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python314Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python313Packages.pypillowfight
Library containing various image processing algorithms
Package maintainers
Ignored maintainers (1)
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
10 packages
- python314Packages.pypillowfight
- python313Packages.pypillowfight
- python314Packages.types-pillow
- python313Packages.types-pillow
- python314Packages.pillowfight
- python314Packages.pillow-jpls
- python314Packages.pillow-heif
- python313Packages.pillowfight
- python313Packages.pillow-jpls
- python313Packages.pillow-heif
- @LeSuisse ignored maintainer @mweinelt maintainer.ignore
- @LeSuisse accepted
- @LeSuisse published on GitHub
Pillow GdImageFile decompression bomb protection bypass
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile._open() read image dimensions from the GD 2.x header and stored them in self._size without calling Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This issue is fixed in version 12.3.0.
References
-
https://github.com/python-pillow/Pillow/security/advisories/GHSA-phj9-mv4w-65pm x_refsource_CONFIRMexploit
Affected products
- ==< 12.3.0
Matching in nixpkgs
pkgs.python313Packages.pillow
Friendly PIL fork (Python Imaging Library)
Ignored packages (10)
pkgs.python313Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python313Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python313Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python314Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python314Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python314Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python313Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python314Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python313Packages.pypillowfight
Library containing various image processing algorithms
Package maintainers
Ignored maintainers (1)
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
11 packages
- python313Packages.pillow-heif
- python313Packages.pillow-jpls
- python313Packages.pillowfight
- python314Packages.pillow-heif
- python314Packages.pillow-jpls
- python314Packages.pillowfight
- python314Packages.pillow
- python313Packages.types-pillow
- python314Packages.pypillowfight
- python313Packages.pypillowfight
- python314Packages.types-pillow
- @LeSuisse restored package python314Packages.pillow
- @LeSuisse accepted
- @LeSuisse ignored maintainer @mweinelt maintainer.ignore
- @LeSuisse published on GitHub
Pillow BdfFontFile`: `Image.new()` called without `_decompression_bomb_check()` — bomb protection bypass via font loading
Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdf_char() read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new() without calling Image._decompression_bomb_check(), bypassing Pillow's documented decompression bomb protection and allowing excessive memory allocation. This issue is fixed in version 12.3.0.
References
-
https://github.com/python-pillow/Pillow/security/advisories/GHSA-45hq-cxwh-f6vc x_refsource_CONFIRMexploit
Affected products
- ==< 12.3.0
Matching in nixpkgs
pkgs.python313Packages.pillow
Friendly PIL fork (Python Imaging Library)
Ignored packages (10)
pkgs.python313Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python313Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python313Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python314Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python314Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python314Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python313Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python314Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python313Packages.pypillowfight
Library containing various image processing algorithms
Package maintainers
Ignored maintainers (1)
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
10 packages
- python313Packages.pillow-heif
- python313Packages.pillow-jpls
- python313Packages.pillowfight
- python314Packages.pillow-heif
- python314Packages.pillow-jpls
- python314Packages.pillowfight
- python313Packages.types-pillow
- python314Packages.types-pillow
- python313Packages.pypillowfight
- python314Packages.pypillowfight
- @LeSuisse ignored maintainer @mweinelt maintainer.ignore
- @LeSuisse accepted
- @LeSuisse published on GitHub
Pillow: PcfFontFile._load_bitmaps()`: `Image.frombytes()` called without `_decompression_bomb_check()` — bomb protection bypass via PCF font loading
Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py _load_bitmaps() read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes() without calling Image._decompression_bomb_check(), allowing crafted PCF font data to cause excessive memory allocation. This issue is fixed in version 12.3.0.
References
-
https://github.com/python-pillow/Pillow/security/advisories/GHSA-8v84-f9pq-wr9x x_refsource_CONFIRM
Affected products
- ==< 12.3.0
Matching in nixpkgs
pkgs.python313Packages.pillow
Friendly PIL fork (Python Imaging Library)
Ignored packages (10)
pkgs.python313Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python313Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python313Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python314Packages.pillow-heif
Python library for working with HEIF images and plugin for Pillow
pkgs.python314Packages.pillow-jpls
JPEG-LS plugin for the Python Pillow library
pkgs.python314Packages.pillowfight
Eases the transition from PIL to Pillow for Python packages
pkgs.python313Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python314Packages.types-pillow
Typing stubs for Pillow
-
nixos-unstable 10.2.0.20240822
- nixpkgs-unstable 10.2.0.20240822
- nixos-unstable-small 10.2.0.20240822
-
nixos-26.05 10.2.0.20240822
- nixos-26.05-small 10.2.0.20240822
- nixpkgs-26.05-darwin 10.2.0.20240822
pkgs.python313Packages.pypillowfight
Library containing various image processing algorithms
Package maintainers
Ignored maintainers (1)
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>