GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
29 advisories
Filter by severity
Arbitrary code using "crafted image file" approach affecting Pillow
High
CVE-2016-9190
was published
for
Pillow
(pip)
Jul 12, 2018
DOS attack in Pillow when processing specially crafted image files
High
CVE-2019-16865
was published
for
pillow
(pip)
Oct 22, 2019
Uncontrolled Resource Consumption in Pillow
High
CVE-2019-19911
was published
for
Pillow
(pip)
Apr 1, 2020
Pillow Denial of Service by Uncontrolled Resource Consumption
High
CVE-2021-27923
was published
for
Pillow
(pip)
Mar 18, 2021
Pillow Denial of Service by Uncontrolled Resource Consumption
High
CVE-2021-27921
was published
for
Pillow
(pip)
Mar 18, 2021
Pillow Uncontrolled Resource Consumption
High
CVE-2021-27922
was published
for
Pillow
(pip)
Mar 18, 2021
Uncontrolled Resource Consumption in Pillow
High
CVE-2021-28677
was published
for
Pillow
(pip)
Jun 8, 2021
Uncontrolled Resource Consumption in pillow
High
CVE-2021-23437
was published
for
pillow
(pip)
Sep 7, 2021
Pillow vulnerable to Data Amplification attack.
High
CVE-2022-45198
was published
for
pillow
(pip)
Nov 14, 2022
Pillow subject to DoS via SAMPLESPERPIXEL tag
High
CVE-2022-45199
was published
for
pillow
(pip)
Nov 14, 2022
libwebp: OOB write in BuildHuffmanTable
High
CVE-2023-4863
was published
for
Pillow
(Go)
Sep 12, 2023
ProTip!
Advisories are also available from the
GraphQL API