- Installation
- Handbook
- Reference
ImagemoduleImageChops(“channel operations”) moduleImageCmsmoduleImageColormoduleImageDrawmoduleImageEnhancemoduleImageFilemoduleImageFiltermoduleImageFontmoduleImageGrabmoduleImageMathmoduleImageMorphmoduleImageOpsmoduleImagePalettemoduleImagePathmoduleImageQtmoduleImageSequencemoduleImageShowmoduleImageStatmoduleImageTextmoduleImageTkmoduleImageTransformmoduleImageWinmodule (Windows-only)ExifTagsmoduleTiffTagsmoduleJpegPresetsmodulePSDrawmodulePixelAccessclassfeaturesmodule- PIL package (autodoc of remaining modules)
- Plugin reference
- Internal reference
- Porting
- About
- Release notes
- 12.0.0 (2025-10-15)
- 11.3.0 (2025-07-01)
- 11.2.1 (2025-04-12)
- 11.1.0 (2025-01-02)
- 11.0.0 (2024-10-15)
- 10.4.0 (2024-07-01)
- 10.3.0 (2024-04-01)
- 10.2.0 (2024-01-02)
- 10.1.0 (2023-10-15)
- 10.0.1 (2023-09-15)
- 10.0.0 (2023-07-01)
- 9.5.0 (2023-04-01)
- 9.4.0 (2023-01-02)
- 9.3.0 (2022-10-29)
- 9.2.0 (2022-07-01)
- 9.1.1 (2022-05-17)
- 9.1.0 (2022-04-01)
- 9.0.1 (2022-02-03)
- 9.0.0 (2022-01-02)
- 8.4.0 (2021-10-15)
- 8.3.2 (2021-09-02)
- 8.3.1 (2021-07-06)
- 8.3.0 (2021-07-01)
- 8.2.0 (2021-04-01)
- 8.1.2 (2021-03-06)
- 8.1.1 (2021-03-01)
- 8.1.0 (2021-01-02)
- 8.0.1 (2020-10-22)
- 8.0.0 (2020-10-14)
- 7.2.0 (2020-06-30)
- 7.1.2 (2020-04-25)
- 7.1.1 (2020-04-02)
- 7.1.0 (2020-04-01)
- 7.0.0 (2020-01-02)
- 6.2.2 (2020-01-02)
- 6.2.1 (2019-10-20)
- 6.2.0 (2019-10-01)
- 6.1.0 (2019-07-02)
- 6.0.0 (2019-04-02)
- 5.4.1 (2019-01-06)
- 5.4.0 (2019-01-01)
- 5.3.0 (2018-10-01)
- 5.2.0 (2018-07-01)
- 5.1.0 (2018-04-02)
- 5.0.0 (2018-01-01)
- 4.3.0 (2017-10-02)
- 4.2.1 (2017-07-06)
- 4.2.0 (2017-07-01)
- 4.1.1 (2017-04-28)
- 4.1.0 (2017-04-03)
- 4.0.0 (2017-01-01)
- 3.4.0 (2016-10-03)
- 3.3.2 (2016-09-29)
- 3.3.0 (2016-07-01)
- 3.2.0 (2016-04-01)
- 3.1.2 (2016-04-01)
- 3.1.1 (2016-02-04)
- 3.1.0 (2016-01-04)
- 3.0.0 (2015-10-01)
- 2.8.0 (2015-04-01)
- 2.7.0 (2014-12-31)
- 2.6.0 (2014-10-01)
- 2.5.2 (2014-08-12)
- 2.3.2 (2014-08-12)
- 2.3.1 (2014-03-14)
- Versioning
- Deprecations and removals
3.1.2 (2016-04-01)¶
Security¶
CVE 2016-3076: Buffer overflow in Jpeg2KEncode.c¶
Pillow between 2.5.0 and 3.1.1 may overflow a bufferwhen writing large Jpeg2000 files, allowing for code execution or othermemory corruption.
This occurs specifically in the functionj2k_encode_entry, at the line:
state->buffer=malloc(tile_width*tile_height*components*prec/8);
This vulnerability requires a particular value forheight*widthsuch thatheight*width*components*precision overflows, atwhich point the malloc will be for a smaller value than expected. Thebuffer that is allocated will be((height*width*components*precision)mod(2^31)/8), where components is 1-4 and precision iseither 8 or16. Common values would be 4 components at precision 8 for a standardRGBA image.
The unpackers then split an image that is laid out:
RGBARGBARGBA....
into:
RRR.GGG.BBB.AAA.
If this buffer is smaller than expected, the jpeg2k unpacker functionswill write outside the allocation and onto the heap, corruptingmemory.
This issue was found by Alyssa Besseling at Atlassian.