| Name | CVE-2026-42308 |
| Description | Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| pillow (PTS) | bullseye | 8.1.2+dfsg-0.3+deb11u2 | vulnerable |
| bullseye (security) | 8.1.2+dfsg-0.3+deb11u3 | vulnerable |
| bookworm, bookworm (security) | 9.4.0-1.1+deb12u1 | vulnerable |
| trixie (security), trixie | 11.1.0-5+deb13u2 | vulnerable |
| forky, sid | 12.2.0-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| pillow | source | (unstable) | 12.2.0-1 | | | |
Notes
[bullseye] - pillow <postponed> (Minor issue, UBSAN)
https://github.com/python-pillow/Pillow/security/advisories/GHSA-wjx4-4jcj-g98j
research fixing commit(s), maybe https://github.com/python-pillow/Pillow/pull/9518/changes