Is pillow safe to use?

pillow has 3 known vulnerabilities on the latest version (12.2.0). DepScope rates its health at 60/100 (moderate risk).

What is the latest version of pillow?

The latest version of pillow is 12.2.0, released 2026-04-01.

Does pillow have known vulnerabilities?

Yes. pillow has 3 known vulnerabilities. See depscope.dev/pkg/conda/pillow for details.

Is pillow deprecated?

No, pillow is actively maintained. Latest release: 12.2.0 (2026-04-01).

What are alternatives to pillow?

DepScope has no curated alternatives for pillow at this time.

pillow

condav12.2.0

Pillow is the friendly PIL fork by Alex Clark and Contributors

License HPND59 versions1 maintainers0 deps241,830 weekly dl

python-pillow/Pillow/

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Update to >= 9887544fafcd13cc8afcfa0c6d0f2e6facc1a8b8 to fix known vulnerabilities

Moderate health score (60/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

20/25

maintenance

14/20

popularity

20/25

security

15/15

maturity

2/15

community

0/15

popularity_floor

Vulnerabilities

1 high2 low

Advisories (3)

Severity	ID	Summary	Fixed in
high	A-299477569	libwebp: OOB write in BuildHuffmanTable	1.1.2-0.20250406010349-76805d5a8860
unknown	OSV-2022-1074	Invalid-free in _dealloc	f7363c1091c70356d92e56abfca6b65bef9e7b26
unknown	OSV-2022-715	Segv on unknown address in jpeg_read_scanlines	9887544fafcd13cc8afcfa0c6d0f2e6facc1a8b8

OSS Scorecard

OpenSSF security posture score

7.8/10

strong

Maintainer trust

Active maintainers (3m)

5

Contributors (12m)

5

Primary author dominance

57%

GitHub stars

13,532

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/conda/pillow

First published · 2020-07-02 12:37:30.903000+00:00

Last updated · 2026-04-01 17:13:03.478000+00:00

pillow

condav12.2.0

Pillow is the friendly PIL fork by Alex Clark and Contributors

License HPND59 versions1 maintainers0 deps241,830 weekly dl

python-pillow/Pillow/

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Update to >= 9887544fafcd13cc8afcfa0c6d0f2e6facc1a8b8 to fix known vulnerabilities

Moderate health score (60/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

20/25

maintenance

14/20

popularity

20/25

security

15/15

maturity

2/15

community

0/15

popularity_floor

Vulnerabilities

1 high2 low

Advisories (3)

Severity	ID	Summary	Fixed in
high	A-299477569	libwebp: OOB write in BuildHuffmanTable	1.1.2-0.20250406010349-76805d5a8860
unknown	OSV-2022-1074	Invalid-free in _dealloc	f7363c1091c70356d92e56abfca6b65bef9e7b26
unknown	OSV-2022-715	Segv on unknown address in jpeg_read_scanlines	9887544fafcd13cc8afcfa0c6d0f2e6facc1a8b8

OSS Scorecard

OpenSSF security posture score

7.8/10

strong

Maintainer trust

Active maintainers (3m)

5

Contributors (12m)

5

Primary author dominance

57%

GitHub stars

13,532

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/conda/pillow

First published · 2020-07-02 12:37:30.903000+00:00

Last updated · 2026-04-01 17:13:03.478000+00:00