3 matches found
UBUNTU-CVE-2026-40192
Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...
CVE-2026-25990
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...
Pillow 缓冲区错误漏洞
Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 10.3.0 to 12.1.1 contained a buffer error vulnerability. This vulnerability occurred when loading specially crafted PSD images, potentially leading to out-of-bounds write operations...