PyPI: pillow-simd

SFTY-20240906-89983

Safety legacy ID: pyup.io-73080

Pillow-simd is potentially vulnerable to DoS attacks through PIL.ImageFont.ImageFont.getmask(). #Note: This CVE originates in the original package, Pillow, from which Pillow-simd is forked. However, this CVE is fixed in Pillow, but there is still no fix in Pillow-simd.

PythonPyPI
Created at: Nov 5, 2025Updated at: Nov 5, 2025

Overview

Pillow-simd is potentially vulnerable to DoS attacks through PIL.ImageFont.ImageFont.getmask(). #Note: This CVE originates in the original package, Pillow, from which Pillow-simd is forked. However, this CVE is fixed in Pillow, but there is still no fix in Pillow-simd.

Advisory

Pillow-simd is potentially vulnerable to DoS attacks through PIL.ImageFont.ImageFont.getmask(). #Note: This CVE originates in the original package, Pillow, from which Pillow-simd is forked. However, this CVE is fixed in Pillow, but there is still no fix in Pillow-simd.

Affected Package

Affecting pillow-simd package, versions
<10.2.0

Also affects

---

How to Fix

We recommend updating pillow-simd to the latest non-vulnerable version.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

Safety

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more