2 matches found
CVE-2026-59197
Pillow (Python Imaging Library) contains a heap out-of-bounds write in the public rank-filter API prior to version 12.3.0. The flaw occurs when an extremely large odd filter size is used, because ImageFilter.RankFilter.filter() calls image.expand(size // 2, size // 2) before rank-filter size vali...
PT-2026-58105
Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.3.0 Description The public rank-filter API in the Pillow Python imaging library allows a native heap out-of-bounds write when a very large odd filter size is provided. This occurs because the...