Andrew Murray

10 exploits, active since Jan 2020
CVE-2026-42311 (HIGH)
Pillow: OOB Write with Invalid PSD Tile Extents (Integer Overflow)
Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0.
CVSS 7.8
CVE-2020-5310 (HIGH)
Pillow < 6.2.2 - Integer Overflow in TIFF Decoding
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
CVSS 8.8
CVE-2020-5311 (CRITICAL)
Pillow < 6.2.2 - Buffer Overflow in SGI Image Decoder
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
CVSS 9.8
CVE-2020-5312 (CRITICAL)
Pillow < 6.2.2 - Buffer Overflow in PCX P Mode Decoder
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
CVSS 9.8
CVE-2020-5313 (HIGH)
Pillow < 6.2.2 - Out-of-bounds Read in FLI Buffer Handling
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow (classified as an out-of-bounds read rather than a write, hence the lower score than the SGI and PCX entries).
CVSS 7.1
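The three 6.2.2 decoder fixes above (SGI RLE, PCX, FLI) share one shape: a count read from the file decides how many bytes the decoder copies, and nothing checks that many bytes remain in the input or fit in the output scanline. The following is an added example written for this page, not Pillow's own decoder: a simplified SGI-style RLE decoder in the vulnerable shape next to a bounds-checked one. The stream format, function names and status codes are assumptions made for the illustration.

```c
/*
 * Added example, not Pillow code. CVE-2020-5311 (SGI RLE), CVE-2020-5312 (PCX)
 * and CVE-2020-5313 (FLI) share one shape: a count read from the file decides
 * how many bytes the decoder copies, without checking that many remain in the
 * input or fit in the output scanline. The stream format below is a simplified
 * SGI-style RLE assumed for this example: control byte c, n = c & 0x7f,
 * n == 0 ends the line; bit 7 set copies the next n bytes literally, bit 7
 * clear repeats the next byte n times.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum rle_status { RLE_OK = 0, RLE_TRUNCATED_INPUT, RLE_OUTPUT_OVERFLOW, RLE_SHORT_OUTPUT };

/* Vulnerable shape: trusts every count in the stream. A count larger than the
 * bytes left in `out` writes past the scanline; a literal count larger than
 * the bytes left in `in` reads past the file buffer. Shown for contrast; it is
 * only ever called on the well-formed sample below. */
size_t rle_decode_unchecked(const uint8_t *in, uint8_t *out)
{
    size_t o = 0;
    for (;;) {
        uint8_t c = *in++;
        size_t n = c & 0x7f;
        if (n == 0)
            return o;
        if (c & 0x80) {
            memcpy(out + o, in, n);     /* no check against in_len or out_len */
            in += n;
        } else {
            memset(out + o, *in++, n);
        }
        o += n;
    }
}

/* Hardened shape: each read is checked against the input that remains, each
 * write against the output that remains, and a line that ends short is
 * reported instead of leaving unwritten bytes. `*produced` gets the byte
 * count written so far, whatever the status. */
enum rle_status rle_decode_checked(const uint8_t *in, size_t in_len,
                                   uint8_t *out, size_t out_len, size_t *produced)
{
    size_t i = 0, o = 0;
    for (;;) {
        *produced = o;
        if (i >= in_len)
            return RLE_TRUNCATED_INPUT;     /* control byte missing */
        uint8_t c = in[i++];
        size_t n = c & 0x7f;
        if (n == 0)
            break;
        if (n > out_len - o)
            return RLE_OUTPUT_OVERFLOW;     /* run would pass the end of `out` */
        if (c & 0x80) {
            if (n > in_len - i)
                return RLE_TRUNCATED_INPUT; /* literal extends past `in` */
            memcpy(out + o, in + i, n);
            i += n;
        } else {
            if (i >= in_len)
                return RLE_TRUNCATED_INPUT; /* run value byte missing */
            memset(out + o, in[i++], n);
        }
        o += n;
    }
    *produced = o;
    return o == out_len ? RLE_OK : RLE_SHORT_OUTPUT;
}

int main(void)
{
    /* Constructed streams for this example: "AAAxy" and a 127-byte run aimed
     * at a 5-byte scanline. */
    static const uint8_t good[] = { 0x03, 'A', 0x82, 'x', 'y', 0x00 };
    static const uint8_t bomb[] = { 0x7f, 'A', 0x00 };
    uint8_t line[5];
    size_t n;
    enum rle_status s = rle_decode_checked(good, sizeof good, line, sizeof line, &n);
    printf("good: status %d, %zu bytes -> %.5s\n", (int)s, n, line);
    s = rle_decode_checked(bomb, sizeof bomb, line, sizeof line, &n);
    printf("bomb: status %d (2 = output overflow caught before any write)\n", (int)s);
    return 0;
}
```

The checked decoder compares against the remaining space (`out_len - o`, `in_len - i`) rather than adding the count to the cursor, so the comparison itself cannot overflow; the same remaining-space test is what an encoder writing into a fixed output buffer needs.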
CVE-2022-45198 (HIGH)
Pillow < 9.2.0 - Denial of Service via Highly Compressed GIF Data
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
CVSS 7.5
CVE-2022-45199 (HIGH)
Pillow < 9.3.0 - Denial of Service via SAMPLESPERPIXEL
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
CVSS 7.5
CVE-2023-44271 (HIGH)
Pillow < 10.0.0 - Denial of Service via Truetype Font Memory Allocation
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.
CVSS 7.5
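The TIFF realloc overflow (CVE-2020-5310) and the three denial-of-service entries above all start from a size that the file or the caller supplies: a TIFF strip size that wraps before realloc sees it, a GIF logical screen far larger than the bytes encoding it, an absurd SamplesPerPixel, or a text argument whose length drives a font buffer. The following added example, written for this page and not taken from Pillow, shows the generic checks applied before any allocation: range limits on each field, overflow-detected multiplication, and a pixel budget applied to a GIF header before a single frame is decoded. The limits, function names and the text-length cap are assumptions for the illustration; Pillow's own Python-level guard for the pixel budget is Image.MAX_IMAGE_PIXELS.

```c
/*
 * Added example, not Pillow code. Attacker-controlled header fields drive the
 * allocations behind CVE-2020-5310 (TIFF size arithmetic overflowing before
 * realloc), CVE-2022-45198 (GIF logical screen far larger than its data),
 * CVE-2022-45199 (absurd SamplesPerPixel) and CVE-2023-44271 (unbounded text
 * length). Defence: range-check each field, multiply with overflow detection,
 * compare to a budget, then allocate. All limits here are assumptions.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_PIXELS            ((size_t)89478485) /* matches Pillow's default Image.MAX_IMAGE_PIXELS */
#define MAX_SAMPLES_PER_PIXEL 64u
#define MAX_BYTES_PER_SAMPLE  8u
#define MAX_TEXT_LENGTH       ((size_t)1 << 20)

enum size_status { SIZE_OK = 0, SIZE_BAD_FIELD, SIZE_OVERFLOW, SIZE_OVER_BUDGET };

/* Vulnerable shape: the product wraps in 32 bits before the allocator sees it.
 * Returns the wrapped value instead of allocating, so it is safe to call; a
 * decoder that realloc()s to this size and then writes the true
 * width*height*bpp bytes is the CVE-2020-5310 pattern. */
uint32_t wrapped_buffer_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;            /* 65536 * 65536 * 1 == 0 */
}

/* Hardened shape: fields range-checked, every multiplication overflow-checked
 * (GCC/Clang builtin), pixel count compared to the budget before the byte
 * count is computed. */
enum size_status checked_buffer_size(uint32_t width, uint32_t height,
                                     uint32_t samples_per_pixel,
                                     uint32_t bytes_per_sample, size_t *bytes)
{
    size_t pixels, per_pixel;
    *bytes = 0;
    if (width == 0 || height == 0 || samples_per_pixel == 0 || bytes_per_sample == 0)
        return SIZE_BAD_FIELD;
    if (samples_per_pixel > MAX_SAMPLES_PER_PIXEL || bytes_per_sample > MAX_BYTES_PER_SAMPLE)
        return SIZE_BAD_FIELD;              /* the SamplesPerPixel class */
    if (__builtin_mul_overflow((size_t)width, (size_t)height, &pixels))
        return SIZE_OVERFLOW;
    if (pixels > MAX_PIXELS)
        return SIZE_OVER_BUDGET;            /* the decompression-bomb class */
    per_pixel = (size_t)samples_per_pixel * bytes_per_sample;   /* <= 512 after the checks above */
    if (__builtin_mul_overflow(pixels, per_pixel, bytes))
        return SIZE_OVERFLOW;
    return SIZE_OK;
}

/* Reads the logical screen size from the 13-byte GIF header (little-endian at
 * bytes 6..9) and applies the budget before any frame is decoded. */
enum size_status gif_precheck(const uint8_t *hdr, size_t len, size_t *bytes)
{
    uint32_t width, height;
    *bytes = 0;
    if (len < 13 || memcmp(hdr, "GIF8", 4) != 0 ||
        (hdr[4] != '7' && hdr[4] != '9') || hdr[5] != 'a')
        return SIZE_BAD_FIELD;
    width  = hdr[6] | (uint32_t)hdr[7] << 8;
    height = hdr[8] | (uint32_t)hdr[9] << 8;
    return checked_buffer_size(width, height, 1, 1, bytes);  /* one index byte per pixel */
}

/* Sizes a one-line text raster, capping the text length instead of letting the
 * caller's string drive the allocation (the CVE-2023-44271 class). Glyph cell
 * size is a parameter here, not read from a font. */
enum size_status text_buffer_size(size_t text_len, uint32_t glyph_w,
                                  uint32_t glyph_h, size_t *bytes)
{
    size_t line_w;
    *bytes = 0;
    if (text_len == 0 || text_len > MAX_TEXT_LENGTH)
        return SIZE_BAD_FIELD;
    if (__builtin_mul_overflow(text_len, (size_t)glyph_w, &line_w) || line_w > UINT32_MAX)
        return SIZE_OVERFLOW;
    return checked_buffer_size((uint32_t)line_w, glyph_h, 1, 1, bytes);
}

/* Allocate only after validation. calloc() checks its own nmemb*size product
 * and zero-fills, so a decoder that stops early never exposes stale heap bytes
 * through unwritten pixels. */
uint8_t *alloc_image_buffer(uint32_t width, uint32_t height, uint32_t spp,
                            uint32_t bps, size_t *bytes)
{
    if (checked_buffer_size(width, height, spp, bps, bytes) != SIZE_OK)
        return NULL;
    return calloc(*bytes, 1);
}

int main(void)
{
    size_t bytes;
    /* Constructed headers for this example: a 320x200 GIF and a 65535x65535 one. */
    static const uint8_t small_gif[13] = { 'G','I','F','8','9','a', 0x40,0x01, 0xC8,0x00, 0,0,0 };
    static const uint8_t huge_gif[13]  = { 'G','I','F','8','9','a', 0xFF,0xFF, 0xFF,0xFF, 0,0,0 };
    printf("wrapped 65536x65536x1 -> %u bytes\n", wrapped_buffer_size(65536, 65536, 1));
    enum size_status s = gif_precheck(small_gif, 13, &bytes);
    printf("320x200 GIF -> status %d, %zu bytes\n", (int)s, bytes);
    s = gif_precheck(huge_gif, 13, &bytes);
    printf("65535^2 GIF -> status %d (3 = over budget)\n", (int)s);
    s = checked_buffer_size(16, 16, 4096, 1, &bytes);
    printf("spp 4096    -> status %d (1 = bad field)\n", (int)s);
    return 0;
}
```

The order of the checks matters: the per-field limits make the later products small enough to reason about, the pixel budget is applied before the byte count is computed so a rejected file never reaches the allocator, and `__builtin_mul_overflow` (GCC 5+, Clang 3.8+) replaces the hand-written `a > SIZE_MAX / b` idiom that is easy to get wrong.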
CVE-2025-48379 (HIGH)
Pillow 11.2.0 to before 11.3.0 - Heap-based Buffer Overflow in DDS Image Writing
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.
CVSS 7.1
CVE-2026-25990 (HIGH)
Pillow 10.3.0-12.1.0 - Out-of-bounds Write via Crafted PSD Image
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.
CVSS 7.5