PyPI: monoshape

CVE-2021-25288

Safety vulnerability ID: SFTY-20210602-56308

Safety legacy ID: pyup.io-43460

Monoshape 1.2 includes a vulnerable version of Pillow (6.2).

PyPI

NVD

Created at: Nov 5, 2025Updated at: Nov 5, 2025

Overview

Monoshape 1.2 includes a vulnerable version of Pillow (6.2).

Advisory

Monoshape 1.2 includes a vulnerable version of Pillow (6.2).

Affected Package

Affecting monoshape package, versions

<1.2

Also affects

---

How to Fix

Upgrade

monoshape

1.2

or higher.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

https://getsafety.com/vulnerabilities/SFTY-20210602-56308/CVE-2021-25288
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25288
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more