SecBoard
Zurück zur CVE-Übersicht

CVE-2026-59204

NONE
Risk Signal Score10/100 — NIEDRIG
  • Weniger als 24 Stunden alt

Beschreibung

Pillow is a Python imaging library. From 8.2.0 through 12.2.0, src/libImaging/Jpeg2KDecode.c accumulates total_component_width across every tile in a JPEG2000 image instead of recomputing it per tile, allowing a crafted tiled JPEG2000 file to force substantially higher transient memory usage and trigger out-of-memory failures during decoding. This issue is fixed in version 12.3.0.

Referenzen