Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Pillow Library for Python on Red Hat Systems
RHSA-2024:0345
Summary
An update is available for the Pillow library on Red Hat systems. This update addresses a security issue that could allow an attacker to execute malicious code. It is recommended to install the updated library to ensure the security of your system.
What to do
- Update redhat python-pillow to version 0:2.0.0-24.gitd1c6db8.el7_9.
- Update redhat python-pillow-debuginfo to version 0:2.0.0-24.gitd1c6db8.el7_9.
- Update redhat python-pillow-devel to version 0:2.0.0-24.gitd1c6db8.el7_9.
- Update redhat python-pillow-doc to version 0:2.0.0-24.gitd1c6db8.el7_9.
- Update redhat python-pillow-qt to version 0:2.0.0-24.gitd1c6db8.el7_9.
- Update redhat python-pillow-sane to version 0:2.0.0-24.gitd1c6db8.el7_9.
- Update redhat python-pillow-tk to version 0:2.0.0-24.gitd1c6db8.el7_9.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Red Hat:enterprise_linux:7::client | redhat | python-pillow |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::client | redhat | python-pillow-debuginfo |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::client | redhat | python-pillow-devel |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::client | redhat | python-pillow-doc |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::client | redhat | python-pillow-qt |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::client | redhat | python-pillow-sane |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::client | redhat | python-pillow-tk |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::computenode | redhat | python-pillow |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::computenode | redhat | python-pillow-debuginfo |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::computenode | redhat | python-pillow-devel |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::computenode | redhat | python-pillow-doc |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::computenode | redhat | python-pillow-qt |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::computenode | redhat | python-pillow-sane |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::computenode | redhat | python-pillow-tk |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::server | redhat | python-pillow |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::server | redhat | python-pillow-debuginfo |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::server | redhat | python-pillow-devel |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::server | redhat | python-pillow-doc |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::server | redhat | python-pillow-qt |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::server | redhat | python-pillow-sane |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::server | redhat | python-pillow-tk |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::workstation | redhat | python-pillow |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::workstation | redhat | python-pillow-debuginfo |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::workstation | redhat | python-pillow-devel |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::workstation | redhat | python-pillow-doc |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::workstation | redhat | python-pillow-qt |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::workstation | redhat | python-pillow-sane |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
| Red Hat:enterprise_linux:7::workstation | redhat | python-pillow-tk |
< 0:2.0.0-24.gitd1c6db8.el7_9 Fix: upgrade to 0:2.0.0-24.gitd1c6db8.el7_9
|
Original title
Red Hat Security Advisory: python-pillow security update
osv CVSS3.1
7.5
- https://access.redhat.com/errata/RHSA-2024:0345 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#moderate Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2247820 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0345.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2023-44271 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2023-44271 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-44271 Vendor Advisory
- https://devhub.checkmarx.com/cve-details/CVE-2023-44271/ Third Party Advisory
- https://github.com/python-pillow/Pillow/pull/7244 Third Party Advisory
Published: 16 Sep 2024 · Updated: 10 Jun 2026 · First seen: 10 Jun 2026