VYPR
Unrated severityNVD Advisory· Published Jul 16, 2026

Debian pillow: Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS par…

CVE-2026-59203

Description

Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0.

Affected products

3

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.

CVE-2026-59203 · VYPR