[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-28219":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":63,"aliases":64,"duplicate_of":9,"upstream":67,"downstream":68,"duplicates":101,"related":102,"reserved_at":9,"published_at":119,"modified_at":120,"state":121,"summary":122,"references_raw":131,"kevs":174,"epss":175,"epss_history":178,"metrics":439,"affected":457},"CVE-2024-28219","In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-680","Integer Overflow to Buffer Overflow","The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.","weakness","Draft","Compound",[19,23,27,31,35,39,43,47,51,55,59],{"id":20,"name":21,"techniques":22},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":24,"name":25,"techniques":26},"CAPEC-100","Overflow Buffers",[],{"id":28,"name":29,"techniques":30},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":32,"name":33,"techniques":34},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":36,"name":37,"techniques":38},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":40,"name":41,"techniques":42},"CAPEC-46","Overflow Variables and Tags",[],{"id":44,"name":45,"techniques":46},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":48,"name":49,"techniques":50},"CAPEC-67","String Format Overflow in syslog()",[],{"id":52,"name":53,"techniques":54},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":56,"name":57,"techniques":58},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":60,"name":61,"techniques":62},"CAPEC-92","Forced Integer Overflow",[],[],[65,66],"GHSA-44wm-f244-xhp3","BIT-pillow-2024-28219",[],[69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99],{"_key":70},"SUSE-SU-2024:1267-1",{"_key":72},"SUSE-SU-2024:1268-1",{"_key":74},"UBUNTU-CVE-2024-28219",{"_key":76},"USN-6744-2",{"_key":78},"USN-6744-3",{"_key":80},"SUSE-SU-2024:1154-1",{"_key":82},"SUSE-SU-2024:1258-1",{"_key":84},"OPENSUSE-SU-2024:13827-1",{"_key":86},"DLA-3786-1",{"_key":88},"DSA-5704-1",{"_key":90},"MGASA-2024-0133",{"_key":92},"DEBIAN-CVE-2024-28219",{"_key":94},"USN-6744-1",{"_key":96},"RHSA-2024:3781",{"_key":98},"RHSA-2024:4227",{"_key":100},"RHSA-2024:5662",[],[103,104,105,106,107,108,109,111,113,115,117],{"_key":70},{"_key":72},{"_key":80},{"_key":82},{"_key":84},{"_key":90},{"_key":110},"CGA-8F93-CM44-8XPH",{"_key":112},"CGA-H7HV-J259-XCFP",{"_key":114},"CGA-QQC6-PXQX-FJMC",{"_key":116},"CGA-WVC6-3W4X-F53Q",{"_key":118},"CGA-93XH-FPRR-GGWG","2024-04-03T00:00:00.000Z","2025-11-04T18:30:27.655Z","Modified",{"cisa_kev":123,"cisa_ransomware":123,"cisa_vendor":9,"epss_severity":124,"epss_score":125,"severity":126,"severity_score":127,"severity_version":128,"severity_source":129,"severity_vector":130,"severity_status":121},false,"low",0.00354,"medium",6.7,"v3.1","cve.org","CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:R",[132,140,146,152,156,161,165,170],{"url":133,"sources":134,"tags":137},"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security",[129,135,136],"nvd","osv_pypi",[138,139],"Release Notes","WEB",{"url":141,"sources":142,"tags":143},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/",[129,135],[144,145],"Vendor Advisory","Broken Link",{"url":147,"sources":148,"tags":149},"https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html",[129,135,136],[150,151,139],"Mailing List","Third Party Advisory",{"url":153,"sources":154,"tags":155},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/",[129,135],[],{"url":157,"sources":158,"tags":159},"https://nvd.nist.gov/vuln/detail/CVE-2024-28219",[136],[160],"Advisory",{"url":162,"sources":163,"tags":164},"https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061",[136],[139],{"url":166,"sources":167,"tags":168},"https://github.com/python-pillow/Pillow",[136],[169],"PACKAGE",{"url":171,"sources":172,"tags":173},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M",[136],[139],[],{"date":176,"score":125,"percentile":177},"2026-06-04",0.58026,[179,183,186,189,192,195,198,201,204,207,210,213,215,218,221,225,228,231,235,237,240,243,246,249,252,255,258,261,264,267,269,272,275,277,280,283,286,289,291,294,297,299,302,304,307,311,314,317,320,323,326,329,332,335,338,341,343,345,348,351,354,357,360,363,366,369,372,375,378,380,383,386,389,392,395,398,401,404,406,408,410,413,416,419,422,424,427,430,433,436],{"date":180,"score":181,"percentile":182},"2025-11-04",0.00284,0.51425,{"date":184,"score":181,"percentile":185},"2025-11-05",0.51405,{"date":187,"score":181,"percentile":188},"2025-11-06",0.51423,{"date":190,"score":181,"percentile":191},"2025-11-07",0.51447,{"date":193,"score":181,"percentile":194},"2025-11-08",0.51453,{"date":196,"score":181,"percentile":197},"2025-11-09",0.51445,{"date":199,"score":181,"percentile":200},"2025-11-10",0.51417,{"date":202,"score":181,"percentile":203},"2025-11-11",0.51435,{"date":205,"score":181,"percentile":206},"2025-11-12",0.5146,{"date":208,"score":181,"percentile":209},"2025-11-13",0.51462,{"date":211,"score":181,"percentile":212},"2025-11-14",0.51467,{"date":214,"score":181,"percentile":209},"2025-11-15",{"date":216,"score":181,"percentile":217},"2025-11-16",0.51441,{"date":219,"score":181,"percentile":220},"2025-11-17",0.51422,{"date":222,"score":223,"percentile":224},"2025-11-18",0.00573,0.66109,{"date":226,"score":223,"percentile":227},"2025-11-19",0.66115,{"date":229,"score":223,"percentile":230},"2025-11-20",0.66112,{"date":232,"score":233,"percentile":234},"2025-11-21",0.00292,0.52191,{"date":236,"score":233,"percentile":234},"2025-11-22",{"date":238,"score":233,"percentile":239},"2025-11-23",0.52152,{"date":241,"score":233,"percentile":242},"2025-11-24",0.52142,{"date":244,"score":181,"percentile":245},"2025-11-25",0.5139,{"date":247,"score":181,"percentile":248},"2025-11-26",0.51391,{"date":250,"score":181,"percentile":251},"2025-11-27",0.51396,{"date":253,"score":181,"percentile":254},"2025-11-28",0.51358,{"date":256,"score":181,"percentile":257},"2025-11-29",0.51338,{"date":259,"score":181,"percentile":260},"2025-11-30",0.51326,{"date":262,"score":181,"percentile":263},"2025-12-01",0.51473,{"date":265,"score":181,"percentile":266},"2025-12-02",0.51496,{"date":268,"score":181,"percentile":266},"2025-12-03",{"date":270,"score":181,"percentile":271},"2025-12-04",0.51344,{"date":273,"score":181,"percentile":274},"2025-12-05",0.51368,{"date":276,"score":181,"percentile":274},"2025-12-06",{"date":278,"score":181,"percentile":279},"2025-12-07",0.51357,{"date":281,"score":181,"percentile":282},"2025-12-08",0.51363,{"date":284,"score":181,"percentile":285},"2025-12-09",0.51386,{"date":287,"score":181,"percentile":288},"2025-12-10",0.51451,{"date":290,"score":181,"percentile":212},"2025-12-11",{"date":292,"score":181,"percentile":293},"2025-12-12",0.51498,{"date":295,"score":181,"percentile":296},"2025-12-13",0.51483,{"date":298,"score":181,"percentile":212},"2025-12-14",{"date":300,"score":181,"percentile":301},"2025-12-15",0.51448,{"date":303,"score":181,"percentile":209},"2025-12-16",{"date":305,"score":181,"percentile":306},"2025-12-17",0.51482,{"date":308,"score":309,"percentile":310},"2025-12-18",0.00261,0.49363,{"date":312,"score":309,"percentile":313},"2025-12-19",0.4937,{"date":315,"score":309,"percentile":316},"2025-12-20",0.49352,{"date":318,"score":309,"percentile":319},"2025-12-21",0.49324,{"date":321,"score":309,"percentile":322},"2025-12-22",0.49311,{"date":324,"score":309,"percentile":325},"2025-12-23",0.49307,{"date":327,"score":309,"percentile":328},"2025-12-24",0.49318,{"date":330,"score":309,"percentile":331},"2025-12-25",0.49371,{"date":333,"score":309,"percentile":334},"2025-12-26",0.4936,{"date":336,"score":309,"percentile":337},"2025-12-27",0.49382,{"date":339,"score":309,"percentile":340},"2025-12-28",0.49301,{"date":342,"score":181,"percentile":220},"2025-12-29",{"date":344,"score":181,"percentile":200},"2025-12-30",{"date":346,"score":181,"percentile":347},"2025-12-31",0.51456,{"date":349,"score":181,"percentile":350},"2026-01-01",0.51623,{"date":352,"score":181,"percentile":353},"2026-01-02",0.51599,{"date":355,"score":181,"percentile":356},"2026-01-03",0.51597,{"date":358,"score":181,"percentile":359},"2026-01-04",0.51424,{"date":361,"score":181,"percentile":362},"2026-01-05",0.51406,{"date":364,"score":181,"percentile":365},"2026-01-06",0.51412,{"date":367,"score":181,"percentile":368},"2026-01-07",0.51433,{"date":370,"score":181,"percentile":371},"2026-01-08",0.51454,{"date":373,"score":181,"percentile":374},"2026-01-09",0.51439,{"date":376,"score":181,"percentile":377},"2026-01-10",0.51436,{"date":379,"score":181,"percentile":200},"2026-01-11",{"date":381,"score":181,"percentile":382},"2026-01-12",0.51375,{"date":384,"score":181,"percentile":385},"2026-01-13",0.5135,{"date":387,"score":181,"percentile":388},"2026-01-14",0.51398,{"date":390,"score":181,"percentile":391},"2026-01-15",0.51403,{"date":393,"score":181,"percentile":394},"2026-01-16",0.51419,{"date":396,"score":181,"percentile":397},"2026-01-17",0.51397,{"date":399,"score":181,"percentile":400},"2026-01-18",0.51378,{"date":402,"score":181,"percentile":403},"2026-01-19",0.51355,{"date":405,"score":181,"percentile":403},"2026-01-20",{"date":407,"score":181,"percentile":403},"2026-01-21",{"date":409,"score":181,"percentile":282},"2026-01-22",{"date":411,"score":181,"percentile":412},"2026-01-23",0.51408,{"date":414,"score":181,"percentile":415},"2026-01-24",0.51413,{"date":417,"score":181,"percentile":418},"2026-01-25",0.51367,{"date":420,"score":181,"percentile":421},"2026-01-26",0.51345,{"date":423,"score":181,"percentile":385},"2026-01-27",{"date":425,"score":181,"percentile":426},"2026-01-28",0.51361,{"date":428,"score":181,"percentile":429},"2026-01-29",0.5136,{"date":431,"score":181,"percentile":432},"2026-01-30",0.51365,{"date":434,"score":181,"percentile":435},"2026-01-31",0.51371,{"date":437,"score":181,"percentile":438},"2026-02-01",0.51508,[440,445,451],{"source":129,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":441,"cvss_v4_0":9},{"baseScore":127,"baseSeverity":442,"vectorString":130,"impactScore":443,"exploitabilityScore":444},"MEDIUM",9.8,2.1,{"source":135,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":446,"cvss_v4_0":9},{"baseScore":447,"baseSeverity":442,"vectorString":448,"impactScore":449,"exploitabilityScore":450},5.9,"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",6,5.6,{"source":136,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":452,"cvss_v4_0":454},{"baseScore":127,"baseSeverity":9,"vectorString":453,"impactScore":443,"exploitabilityScore":444},"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",{"baseScore":455,"baseSeverity":9,"vectorString":456,"impactScore":9,"exploitabilityScore":9},7.3,"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",[458,467,478],{"ecosystem":9,"name":459,"vendor":460,"product":461,"cpe_part":462,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":463},"debian linux","debian","debian_linux","o",[464],{"version":465,"is_range":123,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":468,"name":469,"vendor":468,"product":469,"cpe_part":9,"purl_type":470,"purl_namespace":9,"purl_name":469,"source":9,"versions":471},"PyPI","pillow","pypi",[472],{"version":473,"is_range":474,"range_type":475,"version_start":9,"version_start_type":9,"version_end":476,"version_end_type":477,"fixed_in":9},"lt10_3_0",true,"ecosystem","10.3.0","excluding",{"ecosystem":9,"name":469,"vendor":479,"product":469,"cpe_part":480,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":481},"python","a",[482],{"version":483,"is_range":474,"range_type":466,"version_start":9,"version_start_type":9,"version_end":476,"version_end_type":477,"fixed_in":9},"lt10.3.0"]