Dependabot Sweep: pillow
Ecosystem: pip
Highest severity: high
Total alerts: 2
Advisories
HIGH: Pillow affected by out-of-bounds write when loading PSD images
- Advisory: GHSA-cfh3-3jmp-rvhc | CVE: CVE-2026-25990
- Vulnerable range: >= 10.3.0, < 12.1.1
- Patched version: 12.1.1
- Alert numbers: ,
- Affected lockfiles:
requirements-test.txtuv.lock
Raw data
{
"package": "pillow",
"ecosystem": "pip",
"advisories": [
{
"ghsa_id": "GHSA-cfh3-3jmp-rvhc",
"cve_id": "CVE-2026-25990",
"severity": "high",
"summary": "Pillow affected by out-of-bounds write when loading PSD images",
"vulnerable_range": ">= 10.3.0, < 12.1.1",
"patched_version": "12.1.1",
"alert_numbers": [
65,
64
],
"manifest_paths": [
"requirements-test.txt",
"uv.lock"
]
}
],
"all_manifest_paths": [
"requirements-test.txt",
"uv.lock"
],
"max_severity": "high",
"alert_count": 2
}
Dependabot Sweep:
pillowEcosystem: pip
Highest severity: high
Total alerts: 2
Advisories
HIGH: Pillow affected by out-of-bounds write when loading PSD images
requirements-test.txtuv.lockRaw data
{ "package": "pillow", "ecosystem": "pip", "advisories": [ { "ghsa_id": "GHSA-cfh3-3jmp-rvhc", "cve_id": "CVE-2026-25990", "severity": "high", "summary": "Pillow affected by out-of-bounds write when loading PSD images", "vulnerable_range": ">= 10.3.0, < 12.1.1", "patched_version": "12.1.1", "alert_numbers": [ 65, 64 ], "manifest_paths": [ "requirements-test.txt", "uv.lock" ] } ], "all_manifest_paths": [ "requirements-test.txt", "uv.lock" ], "max_severity": "high", "alert_count": 2 }