2 matches found
CVE-2026-54058
Pillow is a Python imaging library. Prior to 12.3.0, when Pillow loads an uncompressed McIdas AREA image from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width, causing pixel access such as Image.tobytes, getpixel,...
PT-2026-58104
Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.3.0 Description When loading an uncompressed McIdas AREA image from a filename using the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width. This leads to...