Critical severityNVD Advisory· Published Apr 27, 2014· Updated Jun 17, 2026
CVE-2014-3007
CVE-2014-3007
Description
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pillowPyPI | < 2.5.0 | 2.5.0 |
Affected products
3- cpe:2.3:a:python:pillow:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:pythonware:python_imaging_library:*:*:*:*:*:*:*:*Range: <=1.1.7
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.