Pillow logo

Pillow

#1697 · by python-pillow
visionimage-understandingOCR
2.99/ 5.00
cautionBeta
Jun 12, 2026 at 11:03 AM6 signals analysedNo manual reviews · fully automated
Trust Signal Breakdown
low3 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%2.7

66 CVE(s) found — 2 unpatched

via OSV.dev

Dependency Health30%4.0

26 dependencies (low)

via npm / PyPI

Supply Chain30%4.8

15 transitive CVEs found (penalty: -0.25)

via npm provenance

Uptime, latency, error rates, and incident history

0 of 0 sub-signals with data

Commit recency, release cadence, issue response, CI/CD

0 of 0 sub-signals with data

Downloads, stars, dependents, and growth trajectory

0 of 0 sub-signals with data

License, documentation, security policy, changelog

0 of 0 sub-signals with data

Track record, org maturity, community standing

0 of 0 sub-signals with data

Limited data available — 5 of 6 signals pending evaluation

About this score
Scored across 3 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

Modern fork of the Python Imaging Library providing image processing capabilities including format conversion, filtering, enhancement, and drawing operations.

Package Availability (30d)
100.00%
p50: 101ms · p99: 111ms
Avg Latency
97ms
averaged across 30d health checks
Weekly Downloads
no package registry data
Incidents & Alertslast 90 days
Mar 1Trust score decreased by 0.583.24
Feb 25Critical CVE detected — patched in v10.2.03.52
Feb 25Trust score increased by 2.533.52
Feb 23pillow added to Trust Index0.99
Feb 23112 known CVE(s) detected in dependencies0.99
Showing 5 of 5 events
Score History90 snapshots
5.003.752.501.250.00
Feb 23May 7
Supply Chain & Dependenciestrust chain
arro3-compute
pypi · *
arro3-core
pypi · *
check-manifest
pypi · *
coverage
pypi · >=7.4.2; extra == "tests"
defusedxml
pypi · *
furo
pypi · *
Showing 6 of 22 dependencies
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends
Version Historyscore per release
VERSIONRELEASEDSCOREDELTA
12.1.1Feb 11, 20263.52
12.1.0Jan 2, 20263.52
12.0.0Oct 15, 20253.52
11.3.0Jul 1, 20253.52
11.2.1Apr 12, 20253.52
11.1.0Jan 2, 20253.52
Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card