Python Pillow 11.2.1
Approved changes feed: RSS · Atom
cpe:2.3:a:python:pillow:11.2.1:*:*:*:*:*:*:*
part: a version: 11.2.1 update: *
| Vendor | Python (b57ad93a-6195-5192-9423-6cfad6044a8b) |
|---|---|
| Product | Pillow (ed16d516-33f6-556c-aa8c-2909192a8bc0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/python-pillow/pillow |
purl2cpe | 2026-06-01 10:16:28.223876 |
pkg:gitlab/redhat/python-pillow |
purl2cpe | 2026-06-01 10:16:28.223878 |
pkg:pypi/pillow |
purl2cpe | 2026-06-01 10:16:28.223879 |
pkg:rpm/fedora/python-pillow |
purl2cpe | 2026-06-01 10:16:28.223880 |
pkg:rpm/opensuse/python-pillow |
purl2cpe | 2026-06-01 10:16:28.223882 |
pkg:sourceforge/pillow.mirror |
purl2cpe | 2026-06-01 10:16:28.223883 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-48379 |
vulnerable | 2026-06-03 15:01:34.552951 |
Pillow Vulnerable to Write Buffer Overflow on BCn encoding
HIGH (7.1)
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.
Published: 2025-07-01T18:33:30.687Z
Updated: 2025-07-01T19:42:22.348Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.