2 matches found
MGASA-2026-0219 Updated python-pillow packages fix security vulnerabilities
Integer overflow when processing fonts. CVE-2026-42308 PDF Parsing Trailer Infinite Loop DoS. CVE-2026-42310...
CVE-2026-42310
CVE-2026-42310 affects the Pillow Python imaging library. The vulnerability lies in the PdfParser logic: Pdf trailers’ Prev pointers can reference already-processed offsets, creating a cycle that causes an infinite loop and 100% CPU usage, potentially hanging the process. Affected versions are Pi...