Package impact
PIP / pillow
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42310 | medium | 5.5 | 5.5 | 20d ago | Pillow has a PDF Parsing Trailer Infinite Loop (DoS) | |
| CVE-2026-42308 | medium | 5.5 | 5.5 | 20d ago | Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer… | |
| CVE-2026-42309 | medium | 5.5 | 5.5 | 24d ago | Pillow has a heap buffer overflow with nested list coordinates |