Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    Related vulnerabilities

    CVE-2026-59203 (GCVE-0-2026-59203)

    Vulnerability from cvelistv5 – Published: 2026-07-14 15:43 – Updated: 2026-07-15 13:52
    VLAI
    Title
    Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service
    Summary
    Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Assigner
    Impacted products
    Vendor Product Version
    python-pillow Pillow Affected: >= 12.0.0, < 12.3.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-59203",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T13:52:13.769597Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T13:52:17.491Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-pg7v-jwj7-p798"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Pillow",
              "vendor": "python-pillow",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 12.0.0, \u003c 12.3.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow\u0027s EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T15:49:07.973Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-pg7v-jwj7-p798",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-pg7v-jwj7-p798"
            },
            {
              "name": "https://github.com/python-pillow/Pillow/pull/9708",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/python-pillow/Pillow/pull/9708"
            },
            {
              "name": "https://github.com/python-pillow/Pillow/commit/03992618118b4a76b6163cd72ab5ecd684133b83",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/python-pillow/Pillow/commit/03992618118b4a76b6163cd72ab5ecd684133b83"
            },
            {
              "name": "https://github.com/python-pillow/Pillow/releases/tag/12.3.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/python-pillow/Pillow/releases/tag/12.3.0"
            }
          ],
          "source": {
            "advisory": "GHSA-pg7v-jwj7-p798",
            "discovery": "UNKNOWN"
          },
          "title": "Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-59203",
        "datePublished": "2026-07-14T15:43:58.333Z",
        "dateReserved": "2026-07-02T21:05:02.923Z",
        "dateUpdated": "2026-07-15T13:52:17.491Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    PYSEC-2026-3452

    Vulnerability from pysec - Published: 2026-07-14 16:17 - Updated: 2026-07-15 18:13
    VLAI
    Details

    Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0.

    Impacted products
    Name purl
    pillow pkg:pypi/pillow

    {
      "affected": [
        {
          "ecosystem_specific": {},
          "package": {
            "ecosystem": "PyPI",
            "name": "pillow",
            "purl": "pkg:pypi/pillow"
          },
          "ranges": [
            {
              "events": [
                {
                  "introduced": "12.0.0"
                },
                {
                  "fixed": "12.3.0"
                }
              ],
              "type": "ECOSYSTEM"
            }
          ],
          "versions": [
            "12.0.0",
            "12.1.0",
            "12.1.1",
            "12.2.0"
          ]
        }
      ],
      "aliases": [
        "CVE-2026-59203",
        "GHSA-pg7v-jwj7-p798"
      ],
      "details": "Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow\u0027s EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0.",
      "id": "PYSEC-2026-3452",
      "modified": "2026-07-15T18:13:37.574792Z",
      "published": "2026-07-14T16:17:02.063Z",
      "references": [
        {
          "type": "ADVISORY",
          "url": "https://github.com/python-pillow/Pillow/releases/tag/12.3.0"
        },
        {
          "type": "FIX",
          "url": "https://github.com/python-pillow/Pillow/commit/03992618118b4a76b6163cd72ab5ecd684133b83"
        },
        {
          "type": "FIX",
          "url": "https://github.com/python-pillow/Pillow/pull/9708"
        },
        {
          "type": "EVIDENCE",
          "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-pg7v-jwj7-p798"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "type": "CVSS_V3"
        }
      ]
    }