Tag
image-processing
Safeguard articles tagged "image-processing" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Security Guides
Pillow (PIL) Security Guide (2026)
Pillow is the default image library for Python — and because it parses untrusted image bytes and once shipped an eval-based ImageMath, it has a long, real CVE history spanning arbitrary code execution and native buffer overflows.
Jul 4, 20266 min read
Vulnerability Analysis
CVE-2023-50447: Arbitrary code execution via Pillow Image...
A patch bypass in Pillow's ImageMath.eval() reopens arbitrary code execution first flagged in CVE-2022-22817. Here's what changed and how to remediate it.
Oct 4, 20258 min read