Critical severityNVD Advisory· Published Jan 7, 2022· Updated Oct 15, 2024

CVE-2022-22817

Description

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Pillow before 9.0.0 allows arbitrary code execution via ImageMath.eval by passing expressions that invoke Python builtins such as `exec`.

Vulnerability

PIL.ImageMath.eval in Pillow versions prior to 9.0.0 exposed Python builtins to the expression evaluator, allowing an attacker to craft arbitrary expressions. For example, ImageMath.eval("exec(exit())") would execute the exec builtin. The vulnerability is present in all versions before 9.0.0 [1][3].

Exploitation

An attacker who can control the expression passed to PIL.ImageMath.eval can inject arbitrary Python code. No authentication or special privileges are needed beyond the ability to supply an expression to the vulnerable function. The attacker can use builtins like exec, eval, __import__, or lambda expressions to execute arbitrary commands. For instance, ImageMath.eval("exec('import os; os.system(\"id\")')") would run system commands [1][2].

Impact

Successful exploitation leads to arbitrary code execution with the privileges of the Python process using Pillow. This can result in full compromise of the application, including data exfiltration, file modification, or further lateral movement within the environment [2][3].

Mitigation

The fix was released in Pillow 9.0.0 on 2022-01-02, which restricts the builtins available to ImageMath.eval to only image-related functions. Users should upgrade to Pillow 9.0.0 or later. For older versions, no official workaround is provided; upgrading is the recommended action [3][4].

References

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
pillowPyPI	< 9.0.1	9.0.1

Affected products

Pillow/Pillowdescription
osv-coords54 versions
pkg:bitnami/pillow pkg:pypi/pillow pkg:rpm/almalinux/python3-pillow pkg:rpm/almalinux/python3-pillow-devel pkg:rpm/almalinux/python3-pillow-doc pkg:rpm/almalinux/python3-pillow-tk pkg:rpm/suse/ardana-barbican&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-barbican&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-heat-gbp&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-heat-gbp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-horizon-plugin-gbp-ui&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-horizon-plugin-gbp-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/python-lxml&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/python-lxml&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/python-Pillow&distro=HPE%20Helion%20OpenStack%208 pkg:rpm/suse/python-Pillow&distro=SUSE%20OpenStack%20Cloud%208 pkg:rpm/suse/python-Pillow&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/python-Pillow&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208 pkg:rpm/suse/python-Pillow&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/python-XStatic-jquery-ui&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/python-XStatic-jquery-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/rubygem-sinatra&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%209
< 9.0.1+ 53 more
- (no CPE)range: < 9.0.1
- (no CPE)range: < 9.0.1
- (no CPE)range: < 5.1.1-18.el8_5
- (no CPE)range: < 5.1.1-18.el8_5
- (no CPE)range: < 5.1.1-18.el8_5
- (no CPE)range: < 5.1.1-18.el8_5
- (no CPE)range: < 9.0+git.1644879908.8a641c1-3.13.1
- (no CPE)range: < 6.7.4-3.26.1
- (no CPE)range: < 6.7.4-3.26.1
- (no CPE)range: < 7.0.1~dev24-3.14.1
- (no CPE)range: < 7.0.1~dev24-3.14.1
- (no CPE)range: < 13.0.10~dev24-3.34.2
- (no CPE)range: < 13.0.10~dev24-3.34.2
- (no CPE)range: < 14.0.1~dev4-3.9.1
- (no CPE)range: < 14.0.1~dev4-3.9.1
- (no CPE)range: < 14.0.1~dev3-3.9.1
- (no CPE)range: < 14.0.1~dev3-3.9.1
- (no CPE)range: < 11.1.5~dev18-3.28.2
- (no CPE)range: < 11.1.5~dev18-3.28.2
- (no CPE)range: < 14.2.1~dev9-3.28.2
- (no CPE)range: < 14.2.1~dev9-3.28.2
- (no CPE)range: < 13.0.8~dev206-3.40.1
- (no CPE)range: < 13.0.8~dev206-3.40.1
- (no CPE)range: < 14.0.1~dev33-3.31.1
- (no CPE)range: < 14.0.1~dev33-3.31.1
- (no CPE)range: < 4.2.4-3.3.1
- (no CPE)range: < 4.2.4-3.3.1
- (no CPE)range: < 4.2.1-3.26.1
- (no CPE)range: < 4.2.1-3.26.1
- (no CPE)range: < 5.2.0-3.17.1
- (no CPE)range: < 4.2.1-3.26.1
- (no CPE)range: < 5.2.0-3.17.1
- (no CPE)range: < 1.13.0.1-4.3.1
- (no CPE)range: < 1.13.0.1-4.3.1
- (no CPE)range: < 9.20220413-3.30.1
- (no CPE)range: < 9.20220413-3.30.1
- (no CPE)range: < 1.4.6-4.3.1
- (no CPE)range: < 7.0.1~dev24-3.35.2
- (no CPE)range: < 13.0.10~dev24-3.38.1
- (no CPE)range: < 7.0.2~dev2-3.35.1
- (no CPE)range: < 17.0.1~dev30-3.33.1
- (no CPE)range: < 11.0.4~dev4-3.35.1
- (no CPE)range: < 14.1.1~dev11-4.39.1
- (no CPE)range: < 11.1.5~dev18-4.33.1
- (no CPE)range: < 14.2.1~dev9-3.36.1
- (no CPE)range: < 7.2.1~dev1-4.35.1
- (no CPE)range: < 7.4.2~dev60-3.41.1
- (no CPE)range: < 1.8.2~dev3-3.35.1
- (no CPE)range: < 2.7.1~dev10-3.37.1
- (no CPE)range: < 13.0.8~dev206-6.39.1
- (no CPE)range: < 18.3.1~dev91-3.39.1
- (no CPE)range: < 3.2.3~dev7-4.35.1
- (no CPE)range: < 9.0.2~dev15-3.35.1
- (no CPE)range: < 2.19.2~dev48-2.30.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-8vj2-vxx3-667wghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2022-22817ghsaADVISORY
security.gentoo.org/glsa/202211-10ghsavendor-advisoryWEB
www.debian.org/security/2022/dsa-5053ghsavendor-advisoryWEB
github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2022-10.yamlghsaWEB
github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11ghsaWEB
lists.debian.org/debian-lts-announce/2022/01/msg00018.htmlghsamailing-listWEB
lists.debian.org/debian-lts-announce/2024/03/msg00021.htmlghsamailing-listWEB
pillow.readthedocs.io/en/stable/releasenotes/9.0.0.htmlghsaWEB
pillow.readthedocs.io/en/stable/releasenotes/9.0.1.htmlghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000