GHSA-G82G-J283-HJ97 imgaug contains an insecure deserialization vulnerability in BackgroundAugmenter class within multicore.py module

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

imgaug contains an insecure deserialization vulnerability in BackgroundAugmenter class within multicore.py module

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

CVE-2026-31235

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

imgaug 安全漏洞

imgaug is a image enhancement tool library developed by Alexander Jung, used for data augmentation in machine learning. Imgaug versions 0.4.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the BackgroundAugmenter class using the Python pickle module for...

CVE-2026-31235

The CVE-2026-31235 issue affects the imgaug library up to version 0.4.0, specifically the BackgroundAugmenter class in multicore.py. The vulnerability arises from deserializing data with Python pickle via a multiprocessing queue in the _augment_images_worker method without safety checks. An attac...