Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

29 advisories

Loading
Arbitrary code using "crafted image file" approach affecting Pillow High
CVE-2016-9190 was published for Pillow (pip) Jul 12, 2018
DOS attack in Pillow when processing specially crafted image files High
CVE-2019-16865 was published for pillow (pip) Oct 22, 2019
sunSUNQ
Out-of-bounds Read in Pillow High
CVE-2020-5313 was published for Pillow (pip) Apr 1, 2020
Uncontrolled Resource Consumption in Pillow High
CVE-2019-19911 was published for Pillow (pip) Apr 1, 2020
Out-of-bounds read in Pillow High
CVE-2020-11538 was published for Pillow (pip) Jul 27, 2020
Buffer overflow in Pillow High
CVE-2020-10379 was published for Pillow (pip) Jul 27, 2020
Pillow Denial of Service by Uncontrolled Resource Consumption High
CVE-2021-27923 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Pillow Denial of Service by Uncontrolled Resource Consumption High
CVE-2021-27921 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Pillow Uncontrolled Resource Consumption High
CVE-2021-27922 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Pillow Out-of-bounds Write High
CVE-2020-35654 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Pillow Out-of-bounds Read High
CVE-2020-35653 was published for Pillow (pip) Mar 18, 2021
Out of bounds write in Pillow High
CVE-2021-25289 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Out of bounds read in Pillow High
CVE-2021-25293 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Out-of-bounds Write in Pillow High
CVE-2021-25290 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Out of bounds read in Pillow High
CVE-2021-25291 was published for Pillow (pip) Mar 29, 2021
tdunlap607 sunSUNQ
Potential infinite loop in Pillow High
CVE-2021-28676 was published for Pillow (pip) Jun 8, 2021
tdunlap607
Uncontrolled Resource Consumption in Pillow High
CVE-2021-28677 was published for Pillow (pip) Jun 8, 2021
sunSUNQ
Uncontrolled Resource Consumption in pillow High
CVE-2021-23437 was published for pillow (pip) Sep 7, 2021
Integer overflow in Pillow High
CVE-2020-5310 was published for Pillow (pip) Nov 3, 2021
PCX P mode buffer overflow in Pillow High
CVE-2020-5312 was published for Pillow (pip) Nov 3, 2021
Pillow command injection High
CVE-2014-3007 was published for pillow (pip) May 17, 2022
Buffer over-flow in Pillow High
CVE-2022-30595 was published for Pillow (pip) May 26, 2022
sunSUNQ
Pillow vulnerable to Data Amplification attack. High
CVE-2022-45198 was published for pillow (pip) Nov 14, 2022
Pillow subject to DoS via SAMPLESPERPIXEL tag High
CVE-2022-45199 was published for pillow (pip) Nov 14, 2022
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
ProTip! Advisories are also available from the GraphQL API