HIGH 7.5
PYSEC-2026-2249
상세
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
참고
- https://access.redhat.com/security/cve/CVE-2026-25990 [WEB]
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25990.json [WEB]
- https://access.redhat.com/errata/RHSA-2026:10184 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:14873 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:14874 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:16174 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:19712 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:28385 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:3461 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:3462 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:4128 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:4942 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:5168 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:5665 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:6277 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:6278 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:6308 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:6309 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:6497 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:6567 [ADVISORY]
- https://access.redhat.com/errata/RHSA-2026:6568 [ADVISORY]
- https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc [ADVISORY]
- https://bugzilla.redhat.com/show_bug.cgi?id=2439170 [REPORT]
- http://www.openwall.com/lists/oss-security/2026/02/12/1 [FIX]
- https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa [FIX]