Unrated severityNVD Advisory· Published Jul 16, 2026
Debian pillow: Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS par…
CVE-2026-59203
Description
Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0.
Affected products
3- Range: 12.0.0 - 12.2.0
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.