Ubuntu Security Notice 5777-1 - It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service.
1fdd4b6f8214292a55f7b3b2b5203bf1289da1e625bfb65db5b140f92230bd32
Gentoo Linux Security Advisory 202211-10 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in arbitrary code execution. Versions less than 9.3.0 are affected.
bd07c387b443095d407c903a3cd8cafea5051d92e07375c3d52c1299151d97bc