2 matches found
DEBIAN-CVE-2026-54058
Pillow is a Python imaging library. Prior to 12.3.0, when Pillow loads an uncompressed McIdas AREA image from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width, causing pixel access such as Image.tobytes, getpixel,...
CVE-2026-54058
Pillow (Python imaging library) is affected up to version 12.2.x. In the mmap raw codec path for uncompressed McIdas AREA images, attacker-controlled header words can set a row stride smaller than the natural row width, making reads from Image.tobytes(), getpixel, convert, or save read beyond the...