GHSA-j7hp-h8jx-5ppr
Suggest an improvement- Source
- https://github.com/advisories/GHSA-j7hp-h8jx-5ppr
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-j7hp-h8jx-5ppr/GHSA-j7hp-h8jx-5ppr.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-j7hp-h8jx-5ppr
- Aliases
-
- A-299477569
- ASB-A-299477569
- CVE-2023-4863
- CVE-2023-5129
- RUSTSEC-2023-0060
- RUSTSEC-2023-0061
- Related
- Published
- 2023-09-12T15:30:20Z
- Modified
- 2026-02-04T03:35:53.856889Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- libwebp: OOB write in BuildHuffmanTable
- Details
-
Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.
- Database specific
{ "nvd_published_at": "2023-09-12T15:15:24Z", "github_reviewed_at": "2023-09-14T16:20:50Z", "github_reviewed": true, "severity": "HIGH", "cwe_ids": [ "CWE-787" ] }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2023-4863
- https://github.com/qnighy/libwebp-sys2-rs/pull/21
- https://github.com/python-pillow/Pillow/pull/7395
- https://github.com/jaredforth/webp/pull/30
- https://github.com/electron/electron/pull/39823
- https://github.com/electron/electron/pull/39825
- https://github.com/electron/electron/pull/39826
- https://github.com/electron/electron/pull/39827
- https://github.com/electron/electron/pull/39828
- https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a
- https://github.com/qnighy/libwebp-sys2-rs/commit/4560c473a76ec8bd8c650f19ddf9d7a44f719f8b
- https://github.com/jaredforth/webp/commit/9d4c56e63abecc777df71c702503c3eaabd7dcbc
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202309-05
- https://security-tracker.debian.org/tracker/CVE-2023-4863
- https://rustsec.org/advisories/RUSTSEC-2023-0061.html
- https://rustsec.org/advisories/RUSTSEC-2023-0060.html
- https://pillow.readthedocs.io/en/stable/releasenotes/10.0.1.html#security
- https://news.ycombinator.com/item?id=37478403
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863
- https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway
- https://security.netapp.com/advisory/ntap-20230929-0011
- https://sethmlarson.dev/security-developer-in-residence-weekly-report-16
- https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863
- https://www.bentley.com/advisories/be-2023-0001
- https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks
- https://www.debian.org/security/2023/dsa-5496
- https://www.debian.org/security/2023/dsa-5497
- https://www.debian.org/security/2023/dsa-5498
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-40
- https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863
- https://blog.isosceles.com/the-webp-0day
- https://bugzilla.suse.com/show_bug.cgi?id=1215231
- https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
- https://crbug.com/1479274
- https://en.bandisoft.com/honeyview/history
- https://github.com/ImageMagick/ImageMagick/discussions/6664
- https://github.com/dlemstra/Magick.NET/releases/tag/13.3.0
- https://github.com/webmproject/libwebp
- https://github.com/webmproject/libwebp/releases/tag/v1.3.2
- https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html
- https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html
- https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I
- http://www.openwall.com/lists/oss-security/2023/09/21/4
- http://www.openwall.com/lists/oss-security/2023/09/22/1
- http://www.openwall.com/lists/oss-security/2023/09/22/3
- http://www.openwall.com/lists/oss-security/2023/09/22/4
- http://www.openwall.com/lists/oss-security/2023/09/22/5
- http://www.openwall.com/lists/oss-security/2023/09/22/6
- http://www.openwall.com/lists/oss-security/2023/09/22/7
- http://www.openwall.com/lists/oss-security/2023/09/22/8
- http://www.openwall.com/lists/oss-security/2023/09/26/1
- http://www.openwall.com/lists/oss-security/2023/09/26/7
- http://www.openwall.com/lists/oss-security/2023/09/28/1
- http://www.openwall.com/lists/oss-security/2023/09/28/2
- http://www.openwall.com/lists/oss-security/2023/09/28/4
Affected packages
crates.io
libwebp-sys2
Package
- Name
- libwebp-sys2
- View open source insights on deps.dev
- Purl
- pkg:cargo/libwebp-sys2
libwebp-sys
Package
- Name
- libwebp-sys
- View open source insights on deps.dev
- Purl
- pkg:cargo/libwebp-sys
webp
Package
- Name
- webp
- View open source insights on deps.dev
- Purl
- pkg:cargo/webp
Go
github.com/chai2010/webp
Package
- Name
- github.com/chai2010/webp
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/chai2010/webp
github.com/chai2010/webp
Package
- Name
- github.com/chai2010/webp
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/chai2010/webp
github.com/chai2010/webp
Package
- Name
- github.com/chai2010/webp
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/chai2010/webp
npm
electron
Package
- Name
- electron
- View open source insights on deps.dev
- Purl
- pkg:npm/electron
electron
Package
- Name
- electron
- View open source insights on deps.dev
- Purl
- pkg:npm/electron
electron
Package
- Name
- electron
- View open source insights on deps.dev
- Purl
- pkg:npm/electron
electron
Package
- Name
- electron
- View open source insights on deps.dev
- Purl
- pkg:npm/electron
electron
Package
- Name
- electron
- View open source insights on deps.dev
- Purl
- pkg:npm/electron
NuGet
SkiaSharp
Package
- Name
- SkiaSharp
- View open source insights on deps.dev
- Purl
- pkg:nuget/SkiaSharp
magick.net-q16-anycpu
Package
- Name
- magick.net-q16-anycpu
- View open source insights on deps.dev
- Purl
- pkg:nuget/magick.net-q16-anycpu
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed13.3.0
Affected versions
6.*
6.8.8.1001
6.8.9.1
6.8.9.2
6.8.9.101
6.8.9.401
6.8.9.501
6.8.9.601
7.*
7.0.0.1
7.0.0.2
7.0.0.3
7.0.0.4
7.0.0.5
7.0.0.6
7.0.0.7
7.0.0.8
7.0.0.9
7.0.0.10
7.0.0.11
7.0.0.12
7.0.0.13
7.0.0.14
7.0.0.15
7.0.0.16
7.0.0.17
7.0.0.18
7.0.0.19
7.0.0.20
7.0.0.21
7.0.0.22
7.0.0.101
7.0.0.102
7.0.0.103
7.0.0.104
7.0.1
7.0.1.100
7.0.1.101
7.0.1.500
7.0.2.100
7.0.2.400
7.0.2.600
7.0.2.900
7.0.2.901
7.0.2.902
7.0.3
7.0.3.1
7.0.3.300
7.0.3.500
7.0.3.501
7.0.3.502
7.0.3.901
7.0.3.902
7.0.4.100
7.0.4.400
7.0.4.700
7.0.4.701
7.0.5.500
7.0.5.501
7.0.5.502
7.0.5.800
7.0.5.900
7.0.6
7.0.6.100
7.0.6.101
7.0.6.102
7.0.6.600
7.0.6.601
7.0.6.1000
7.0.6.1001
7.0.6.1002
7.0.7
7.0.7.300
7.0.7.700
7.0.7.900
7.1.0
7.2.0
7.2.1
7.3.0
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.4.5
7.4.6
7.5.0
7.5.0.1
7.6.0
7.6.0.1
7.7.0
7.8.0
7.9.0
7.9.0.1
7.9.0.2
7.9.1
7.9.2
7.10.0
7.10.1
7.10.2
7.11.0
7.11.1
7.12.0
7.13.0
7.13.1
7.14.0
7.14.0.1
7.14.0.2
7.14.0.3
7.14.1
7.14.2
7.14.3
7.14.4
7.14.5
7.15.0
7.15.0.1
7.15.1
7.15.2
7.15.3
7.15.4
7.15.5
7.16.0
7.16.1
7.17.0
7.17.0.1
7.18.0
7.19.0
7.19.0.1
7.20.0
7.20.0.1
7.21.0
7.21.1
7.22.0
7.22.1
7.22.2
7.22.2.1
7.22.2.2
7.22.3
7.23.0
7.23.1
7.23.2
7.23.2.1
7.23.3
7.23.4
7.24.0
7.24.1
8.*
8.0.0
8.0.1
8.1.0
8.2.0
8.2.1
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.5.0
8.6.0
8.6.1
9.*
9.0.0
9.1.0
9.1.1
9.1.2
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
11.1.1
11.1.2
11.2.0
11.2.1
11.3.0
12.*
12.0.0
12.0.1
12.1.0
12.2.0
12.2.1
12.2.2
12.3.0
13.*
13.0.0
13.0.1
13.1.0
13.1.1
13.1.2
13.1.3
13.2.0
magick.net-q16-hdri-anycpu
Package
- Name
- magick.net-q16-hdri-anycpu
- View open source insights on deps.dev
- Purl
- pkg:nuget/magick.net-q16-hdri-anycpu
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed13.3.0
Affected versions
6.*
6.8.9.101
6.8.9.401
6.8.9.501
6.8.9.601
7.*
7.0.0.1
7.0.0.2
7.0.0.3
7.0.0.4
7.0.0.5
7.0.0.6
7.0.0.7
7.0.0.8
7.0.0.9
7.0.0.10
7.0.0.11
7.0.0.12
7.0.0.13
7.0.0.14
7.0.0.15
7.0.0.16
7.0.0.17
7.0.0.18
7.0.0.19
7.0.0.20
7.0.0.21
7.0.0.22
7.0.0.101
7.0.0.102
7.0.0.103
7.0.0.104
7.0.1
7.0.1.100
7.0.1.101
7.0.1.500
7.0.2.100
7.0.2.400
7.0.2.600
7.0.2.900
7.0.2.901
7.0.2.902
7.0.3
7.0.3.1
7.0.3.300
7.0.3.500
7.0.3.501
7.0.3.502
7.0.3.901
7.0.3.902
7.0.4.100
7.0.4.400
7.0.4.700
7.0.4.701
7.0.5.500
7.0.5.501
7.0.5.502
7.0.5.800
7.0.5.900
7.0.6
7.0.6.100
7.0.6.101
7.0.6.102
7.0.6.600
7.0.6.601
7.0.6.1000
7.0.6.1001
7.0.6.1002
7.0.7
7.0.7.300
7.0.7.700
7.0.7.900
7.1.0
7.2.0
7.2.1
7.3.0
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.4.5
7.4.6
7.5.0
7.5.0.1
7.6.0
7.6.0.1
7.7.0
7.8.0
7.9.0
7.9.0.1
7.9.0.2
7.9.1
7.9.2
7.10.0
7.10.1
7.10.2
7.11.0
7.11.1
7.12.0
7.13.0
7.13.1
7.14.0
7.14.0.1
7.14.0.2
7.14.0.3
7.14.1
7.14.2
7.14.3
7.14.4
7.14.5
7.15.0
7.15.0.1
7.15.1
7.15.2
7.15.3
7.15.4
7.15.5
7.16.0
7.16.1
7.17.0
7.17.0.1
7.18.0
7.19.0
7.19.0.1
7.20.0
7.20.0.1
7.21.0
7.21.1
7.22.0
7.22.1
7.22.2
7.22.2.1
7.22.2.2
7.22.3
7.23.0
7.23.1
7.23.2
7.23.2.1
7.23.3
7.23.4
7.24.0
7.24.1
8.*
8.0.0
8.0.1
8.1.0
8.2.0
8.2.1
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.5.0
8.6.0
8.6.1
9.*
9.0.0
9.1.0
9.1.1
9.1.2
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
11.1.1
11.1.2
11.2.0
11.2.1
11.3.0
12.*
12.0.0
12.0.1
12.1.0
12.2.0
12.2.1
12.2.2
12.3.0
13.*
13.0.0
13.0.1
13.1.0
13.1.1
13.1.2
13.1.3
13.2.0
magick.net-q16-x64
Package
- Name
- magick.net-q16-x64
- View open source insights on deps.dev
- Purl
- pkg:nuget/magick.net-q16-x64
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed13.3.0
Affected versions
6.*
6.8.5.401
6.8.5.402
6.8.5.1001
6.8.6.301
6.8.6.601
6.8.6.801
6.8.7.1
6.8.7.101
6.8.7.501
6.8.7.502
6.8.7.901
6.8.8.201
6.8.8.501
6.8.8.701
6.8.8.801
6.8.8.901
6.8.8.1001
6.8.9.1
6.8.9.2
6.8.9.101
6.8.9.401
6.8.9.501
6.8.9.601
7.*
7.0.0.1
7.0.0.2
7.0.0.3
7.0.0.4
7.0.0.5
7.0.0.6
7.0.0.7
7.0.0.8
7.0.0.9
7.0.0.10
7.0.0.11
7.0.0.12
7.0.0.13
7.0.0.14
7.0.0.15
7.0.0.16
7.0.0.17
7.0.0.18
7.0.0.19
7.0.0.20
7.0.0.21
7.0.0.22
7.0.0.101
7.0.0.102
7.0.0.103
7.0.0.104
7.0.1
7.0.1.100
7.0.1.101
7.0.1.500
7.0.2.100
7.0.2.400
7.0.2.600
7.0.2.900
7.0.2.901
7.0.2.902
7.0.3
7.0.3.1
7.0.3.300
7.0.3.500
7.0.3.501
7.0.3.502
7.0.3.901
7.0.3.902
7.0.4.100
7.0.4.400
7.0.4.700
7.0.4.701
7.0.5.500
7.0.5.501
7.0.5.502
7.0.5.800
7.0.5.900
7.0.6
7.0.6.100
7.0.6.101
7.0.6.102
7.0.6.600
7.0.6.601
7.0.6.1000
7.0.6.1001
7.0.6.1002
7.0.7
7.0.7.300
7.0.7.700
7.0.7.900
7.1.0
7.2.0
7.2.1
7.3.0
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.4.5
7.4.6
7.5.0
7.5.0.1
7.6.0
7.6.0.1
7.7.0
7.8.0
7.9.0
7.9.0.1
7.9.0.2
7.9.1
7.9.2
7.10.0
7.10.1
7.10.2
7.11.0
7.11.1
7.12.0
7.13.0
7.13.1
7.14.0
7.14.0.1
7.14.0.2
7.14.0.3
7.14.1
7.14.2
7.14.3
7.14.4
7.14.5
7.15.0
7.15.0.1
7.15.1
7.15.2
7.15.3
7.15.4
7.15.5
7.16.0
7.16.1
7.17.0
7.17.0.1
7.18.0
7.19.0
7.19.0.1
7.20.0
7.20.0.1
7.21.0
7.21.1
7.22.0
7.22.1
7.22.2
7.22.2.1
7.22.2.2
7.22.3
7.23.0
7.23.1
7.23.2
7.23.2.1
7.23.3
7.23.4
7.24.0
7.24.1
8.*
8.0.0
8.0.1
8.1.0
8.2.0
8.2.1
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.5.0
8.6.0
8.6.1
9.*
9.0.0
9.1.0
9.1.1
9.1.2
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
11.1.1
11.1.2
11.2.0
11.2.1
11.3.0
12.*
12.0.0
12.0.1
12.1.0
12.2.0
12.2.1
12.2.2
12.3.0
13.*
13.0.0
13.0.1
13.1.0
13.1.1
13.1.2
13.1.3
13.2.0
magick.net-q8-anycpu
Package
- Name
- magick.net-q8-anycpu
- View open source insights on deps.dev
- Purl
- pkg:nuget/magick.net-q8-anycpu
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed13.3.0
Affected versions
6.*
6.8.8.1001
6.8.9.1
6.8.9.2
6.8.9.101
6.8.9.401
6.8.9.501
6.8.9.601
7.*
7.0.0.1
7.0.0.2
7.0.0.3
7.0.0.4
7.0.0.5
7.0.0.6
7.0.0.7
7.0.0.8
7.0.0.9
7.0.0.10
7.0.0.11
7.0.0.12
7.0.0.13
7.0.0.14
7.0.0.15
7.0.0.16
7.0.0.17
7.0.0.18
7.0.0.19
7.0.0.20
7.0.0.21
7.0.0.22
7.0.0.101
7.0.0.102
7.0.0.103
7.0.0.104
7.0.1
7.0.1.100
7.0.1.101
7.0.1.500
7.0.2.100
7.0.2.400
7.0.2.600
7.0.2.900
7.0.2.901
7.0.2.902
7.0.3
7.0.3.1
7.0.3.300
7.0.3.500
7.0.3.501
7.0.3.502
7.0.3.901
7.0.3.902
7.0.4.100
7.0.4.400
7.0.4.700
7.0.4.701
7.0.5.500
7.0.5.501
7.0.5.502
7.0.5.800
7.0.5.900
7.0.6
7.0.6.100
7.0.6.101
7.0.6.102
7.0.6.600
7.0.6.601
7.0.6.1000
7.0.6.1001
7.0.6.1002
7.0.7
7.0.7.300
7.0.7.700
7.0.7.900
7.1.0
7.2.0
7.2.1
7.3.0
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.4.5
7.4.6
7.5.0
7.5.0.1
7.6.0
7.6.0.1
7.7.0
7.8.0
7.9.0
7.9.0.1
7.9.0.2
7.9.1
7.9.2
7.10.0
7.10.1
7.10.2
7.11.0
7.11.1
7.12.0
7.13.0
7.13.1
7.14.0
7.14.0.1
7.14.0.2
7.14.0.3
7.14.1
7.14.2
7.14.3
7.14.4
7.14.5
7.15.0
7.15.0.1
7.15.1
7.15.2
7.15.3
7.15.4
7.15.5
7.16.0
7.16.1
7.17.0
7.17.0.1
7.18.0
7.19.0
7.19.0.1
7.20.0
7.20.0.1
7.21.0
7.21.1
7.22.0
7.22.1
7.22.2
7.22.2.1
7.22.2.2
7.22.3
7.23.0
7.23.1
7.23.2
7.23.2.1
7.23.3
7.23.4
7.24.0
7.24.1
8.*
8.0.0
8.0.1
8.1.0
8.2.0
8.2.1
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.5.0
8.6.0
8.6.1
9.*
9.0.0
9.1.0
9.1.1
9.1.2
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
11.1.1
11.1.2
11.2.0
11.2.1
11.3.0
12.*
12.0.0
12.0.1
12.1.0
12.2.0
12.2.1
12.2.2
12.3.0
13.*
13.0.0
13.0.1
13.1.0
13.1.1
13.1.2
13.1.3
13.2.0
magick.net-q8-openmp-x64
Package
- Name
- magick.net-q8-openmp-x64
- View open source insights on deps.dev
- Purl
- pkg:nuget/magick.net-q8-openmp-x64
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed13.3.0
Affected versions
7.*
7.14.0
7.14.0.1
7.14.0.2
7.14.0.3
7.14.1
7.14.2
7.14.3
7.14.4
7.14.5
7.15.0
7.15.0.1
7.15.1
7.15.2
7.15.3
7.15.4
7.15.5
7.16.0
7.16.1
7.17.0
7.17.0.1
7.18.0
7.19.0
7.19.0.1
7.20.0
7.20.0.1
7.21.0
7.21.1
7.22.0
7.22.1
7.22.2
7.22.2.1
7.22.2.2
7.22.3
7.23.0
7.23.1
7.23.2
7.23.2.1
7.23.3
7.23.4
7.24.0
7.24.1
8.*
8.0.0
8.0.1
8.1.0
8.2.0
8.2.1
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.5.0
8.6.0
8.6.1
9.*
9.0.0
9.1.0
9.1.1
9.1.2
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
11.1.1
11.1.2
11.2.0
11.2.1
11.3.0
12.*
12.0.0
12.0.1
12.1.0
12.2.0
12.2.1
12.2.2
12.3.0
13.*
13.0.0
13.0.1
13.1.0
13.1.1
13.1.2
13.1.3
13.2.0
magick.net-q8-x64
Package
- Name
- magick.net-q8-x64
- View open source insights on deps.dev
- Purl
- pkg:nuget/magick.net-q8-x64
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed13.3.0
Affected versions
6.*
6.8.5.401
6.8.5.402
6.8.5.1001
6.8.6.301
6.8.6.601
6.8.6.801
6.8.7.1
6.8.7.101
6.8.7.501
6.8.7.502
6.8.7.901
6.8.8.201
6.8.8.501
6.8.8.701
6.8.8.801
6.8.8.901
6.8.8.1001
6.8.9.1
6.8.9.2
6.8.9.101
6.8.9.401
6.8.9.501
6.8.9.601
7.*
7.0.0.1
7.0.0.2
7.0.0.3
7.0.0.4
7.0.0.5
7.0.0.6
7.0.0.7
7.0.0.8
7.0.0.9
7.0.0.10
7.0.0.11
7.0.0.12
7.0.0.13
7.0.0.14
7.0.0.15
7.0.0.16
7.0.0.17
7.0.0.18
7.0.0.19
7.0.0.20
7.0.0.21
7.0.0.22
7.0.0.101
7.0.0.102
7.0.0.103
7.0.0.104
7.0.1
7.0.1.100
7.0.1.101
7.0.1.500
7.0.2.100
7.0.2.400
7.0.2.600
7.0.2.900
7.0.2.901
7.0.2.902
7.0.3
7.0.3.1
7.0.3.300
7.0.3.500
7.0.3.501
7.0.3.502
7.0.3.901
7.0.3.902
7.0.4.100
7.0.4.400
7.0.4.700
7.0.4.701
7.0.5.500
7.0.5.501
7.0.5.502
7.0.5.800
7.0.5.900
7.0.6
7.0.6.100
7.0.6.101
7.0.6.102
7.0.6.600
7.0.6.601
7.0.6.1000
7.0.6.1001
7.0.6.1002
7.0.7
7.0.7.300
7.0.7.700
7.0.7.900
7.1.0
7.2.0
7.2.1
7.3.0
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.4.5
7.4.6
7.5.0
7.5.0.1
7.6.0
7.6.0.1
7.7.0
7.8.0
7.9.0
7.9.0.1
7.9.0.2
7.9.1
7.9.2
7.10.0
7.10.1
7.10.2
7.11.0
7.11.1
7.12.0
7.13.0
7.13.1
7.14.0
7.14.0.1
7.14.0.2
7.14.0.3
7.14.1
7.14.2
7.14.3
7.14.4
7.14.5
7.15.0
7.15.0.1
7.15.1
7.15.2
7.15.3
7.15.4
7.15.5
7.16.0
7.16.1
7.17.0
7.17.0.1
7.18.0
7.19.0
7.19.0.1
7.20.0
7.20.0.1
7.21.0
7.21.1
7.22.0
7.22.1
7.22.2
7.22.2.1
7.22.2.2
7.22.3
7.23.0
7.23.1
7.23.2
7.23.2.1
7.23.3
7.23.4
7.24.0
7.24.1
8.*
8.0.0
8.0.1
8.1.0
8.2.0
8.2.1
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.5.0
8.6.0
8.6.1
9.*
9.0.0
9.1.0
9.1.1
9.1.2
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
11.1.1
11.1.2
11.2.0
11.2.1
11.3.0
12.*
12.0.0
12.0.1
12.1.0
12.2.0
12.2.1
12.2.2
12.3.0
13.*
13.0.0
13.0.1
13.1.0
13.1.1
13.1.2
13.1.3
13.2.0
PyPI
pillow
Package
- Name
- pillow
- View open source insights on deps.dev
- Purl
- pkg:pypi/pillow
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.0.1
Affected versions
1.*
1.0
1.1
1.2
1.3
1.4
1.5
1.6
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.7.5
1.7.6
1.7.7
1.7.8
2.*
2.0.0
2.1.0
2.2.0
2.2.1
2.2.2
2.3.0
2.3.1
2.3.2
2.4.0
2.5.0
2.5.1
2.5.2
2.5.3
2.6.0
2.6.1
2.6.2
2.7.0
2.8.0
2.8.1
2.8.2
2.9.0
3.*
3.0.0
3.1.0.rc1
3.1.0rc1
3.1.0
3.1.1
3.1.2
3.2.0
3.3.0
3.3.1
3.3.2
3.3.3
3.4.0
3.4.1
3.4.2
4.*
4.0.0
4.1.0
4.1.1
4.2.0
4.2.1
4.3.0
5.*
5.0.0
5.1.0
5.2.0
5.3.0
5.4.0.dev0
5.4.0
5.4.1
6.*
6.0.0
6.1.0
6.2.0
6.2.1
6.2.2
7.*
7.0.0
7.1.0
7.1.1
7.1.2
7.2.0
8.*
8.0.0
8.0.1
8.1.0
8.1.1
8.1.2
8.2.0
8.3.0
8.3.1
8.3.2
8.4.0
9.*
9.0.0
9.0.1
9.1.0
9.1.1
9.2.0
9.3.0
9.4.0
9.5.0
10.*
10.0.0