GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
20 advisories
Filter by severity
Pillow buffer overflow vulnerability
Moderate
CVE-2024-28219
was published
for
pillow
(pip)
Apr 3, 2024
Pillow Buffer overflow in Jpeg2KEncode.c
Moderate
CVE-2016-3076
was published
for
pillow
(pip)
May 17, 2022
PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles
Moderate
CVE-2014-1932
was published
for
pillow
(pip)
May 17, 2022
Pillow denial of service via PNG bomb
Moderate
CVE-2014-9601
was published
for
pillow
(pip)
May 14, 2022
Pillow denial of service via Crafted Block Size
Moderate
CVE-2014-3589
was published
for
pillow
(pip)
May 14, 2022
Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin
Moderate
CVE-2014-3598
was published
for
pillow
(pip)
May 14, 2022
Improper Initialization in Pillow
Moderate
CVE-2022-22815
was published
for
Pillow
(pip)
Jan 12, 2022
Insufficient Verification of Data Authenticity in Pillow
Moderate
CVE-2021-28678
was published
for
Pillow
(pip)
Jun 8, 2021
Uncontrolled Resource Consumption in pillow
Moderate
GHSA-jgpv-4h4c-xhw3
was published
for
pillow
(pip)
Apr 23, 2021
Regular Expression Denial of Service (ReDoS) in Pillow
Moderate
CVE-2021-25292
was published
for
Pillow
(pip)
Mar 29, 2021
Pillow Buffer overflow in ImagingFliDecode
Moderate
CVE-2016-0775
was published
for
Pillow
(pip)
Jul 24, 2018
Pillow buffer overflow in ImagingPcdDecode
Moderate
CVE-2016-2533
was published
for
Pillow
(pip)
Jul 24, 2018
Pillow Buffer overflow in ImagingLibTiffDecode
Moderate
CVE-2016-0740
was published
for
Pillow
(pip)
Jul 24, 2018
ProTip!
Advisories are also available from the
GraphQL API