CVE-2026-42311
EUVD-2026-2890309.05.2026, 06:16
Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| python | pillow | 10.3.0 ≤ 𝑥 < 12.2.0 |
𝑥
= Vulnerable software versions
Debian Releases
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| python-pillow |
| ||||
| python-pillow-debuginfo |
| ||||
| python-pillow-debugsource |
| ||||
| python-pillow-devel |
| ||||
| python-pillow-doc |
| ||||
| python-pillow-sane |
| ||||
| python-pillow-tk |
| ||||
| python3-pillow |
| ||||
| python3-pillow-debuginfo |
| ||||
| python3-pillow-devel |
| ||||
| python3-pillow-tk |
| ||||
| python3-pillow-tk-debuginfo |
|