CVE-2026-55380
Undergoing Analysis Undergoing Analysis - In Progress

Heap Overflow in Pillow Image Processing Library

Vulnerability report for CVE-2026-55380, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-06

Last updated on: 2026-07-06

Assigner: GitHub, Inc.

Description

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile._open() read image dimensions from the GD 2.x header and stored them in self._size without calling Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This issue is fixed in version 12.3.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-06
Last Modified
2026-07-06
Generated
2026-07-06
AI Q&A
2026-07-06
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
python pillow to 12.3.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-789 The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

This vulnerability in Pillow allows a crafted .gd file to trigger excessive memory allocation, potentially causing denial-of-service (DoS) conditions by crashing the process or degrading service availability.

While the CVE description and resources do not explicitly mention compliance with standards like GDPR or HIPAA, the impact on availability could affect compliance indirectly. For example, HIPAA requires ensuring the availability of systems and data, and a DoS attack exploiting this vulnerability could disrupt availability.

Organizations relying on Pillow for image processing in environments subject to such regulations should consider this vulnerability as a risk to system availability and take appropriate mitigation steps, such as upgrading to Pillow version 12.3.0 or later where the issue is fixed.

Executive Summary

This vulnerability affects the Pillow Python imaging library, specifically the GdImageFile._open() function. Prior to version 12.3.0, the function reads image dimensions from a crafted .gd file header and stores them without performing a decompression bomb check. This allows an attacker to create a small malicious .gd file that triggers an excessive allocation of memory (up to 4.3 GB) when loaded, potentially causing the application to crash or become unresponsive.

The issue arises because GdImageFile is not registered with the standard Image.open() path that enforces decompression bomb protections, so the usual safeguards are bypassed. The vulnerability exploits the fact that width and height values are read as unsigned 16-bit integers, allowing extremely large image dimensions that exceed safe thresholds.

Impact Analysis

This vulnerability can lead to a denial-of-service (DoS) condition by causing the application to allocate excessive amounts of memory when processing a maliciously crafted .gd image file. This can crash the process or severely degrade system performance due to high memory consumption.

Since the attack requires only a small file and no authentication or user interaction, it can be exploited remotely, making any service that processes user-uploaded .gd files vulnerable. This can impact availability of services relying on Pillow for image processing.

Detection Guidance

This vulnerability can be detected by identifying attempts to open crafted .gd files that trigger excessive memory allocation in the Pillow library's GdImageFile._open() function.

One way to detect exploitation attempts is to monitor logs or application errors for crashes or memory allocation failures related to loading .gd image files using Pillow.

To test if your Pillow installation is vulnerable, you can attempt to open a crafted oversized .gd image file that exceeds the decompression bomb threshold and observe if a DecompressionBombError is raised or if the process crashes.

Example Python commands to test detection (requires a crafted .gd file or BytesIO object with large dimensions):

  • Use Pillow to open a .gd file and catch decompression bomb errors: ```python from PIL import Image try: img = Image.open('crafted_large.gd') img.load() except Image.DecompressionBombError: print('Decompression bomb detected') except Exception as e: print(f'Error loading image: {e}') ```
  • Monitor application logs for memory allocation errors or crashes when processing .gd files.
Mitigation Strategies

The immediate mitigation step is to upgrade the Pillow library to version 12.3.0 or later, where the vulnerability has been fixed by adding a decompression bomb check in the GdImageFile._open() method.

If upgrading is not immediately possible, consider blocking or filtering .gd files from untrusted sources to prevent processing of potentially malicious crafted files.

Additionally, review your application code to ensure that any image loading using Pillow properly handles exceptions such as DecompressionBombError to avoid crashes.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-55380. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart