Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
RHSA-2026:39127
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2026:39127
Import Source
https://security.access.redhat.com/data/osv/RHSA-2026:39127.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2026:39127
Upstream
CVE-2026-54059
CVE-2026-54060
CVE-2026-55379
CVE-2026-55380
Published
2026-07-15T10:10:10Z
Modified
2026-07-17T10:09:22Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: python-pillow security update
Details
References
https://access.redhat.com/errata/RHSA-2026:39127
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2497452
https://bugzilla.redhat.com/show_bug.cgi?id=2497455
https://bugzilla.redhat.com/show_bug.cgi?id=2497464
https://bugzilla.redhat.com/show_bug.cgi?id=2497466
https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_39127.json
https://access.redhat.com/security/cve/CVE-2026-54059
https://www.cve.org/CVERecord?id=CVE-2026-54059
https://nvd.nist.gov/vuln/detail/CVE-2026-54059
https://github.com/python-pillow/Pillow/blob/main/docs/releasenotes/12.3.0.rst
https://github.com/python-pillow/Pillow/commit/0a263e6264aa5399988d9acd3bbfbca2ca3ec77d
https://github.com/python-pillow/Pillow/security/advisories/GHSA-8v84-f9pq-wr9x
https://access.redhat.com/security/cve/CVE-2026-54060
https://www.cve.org/CVERecord?id=CVE-2026-54060
https://nvd.nist.gov/vuln/detail/CVE-2026-54060
https://github.com/python-pillow/Pillow/security/advisories/GHSA-5x94-69rx-g8h2
https://access.redhat.com/security/cve/CVE-2026-55379
https://www.cve.org/CVERecord?id=CVE-2026-55379
https://nvd.nist.gov/vuln/detail/CVE-2026-55379
https://github.com/python-pillow/Pillow/security/advisories/GHSA-45hq-cxwh-f6vc
https://access.redhat.com/security/cve/CVE-2026-55380
https://www.cve.org/CVERecord?id=CVE-2026-55380
https://nvd.nist.gov/vuln/detail/CVE-2026-55380
https://github.com/python-pillow/Pillow/commit/f39b0ae6624eb2d7c5c5d651d9bb5fdbd96a8675
https://github.com/python-pillow/Pillow/security/advisories/GHSA-phj9-mv4w-65pm
Affected packages
Red Hat:enterprise_linux:8::appstream
python-pillow
Package
Name
python-pillow
Purl
pkg:rpm/redhat/python-pillow
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python-pillow-debuginfo
Package
Name
python-pillow-debuginfo
Purl
pkg:rpm/redhat/python-pillow-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python-pillow-debugsource
Package
Name
python-pillow-debugsource
Purl
pkg:rpm/redhat/python-pillow-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow
Package
Name
python3-pillow
Purl
pkg:rpm/redhat/python3-pillow
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow-debuginfo
Package
Name
python3-pillow-debuginfo
Purl
pkg:rpm/redhat/python3-pillow-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow-tk-debuginfo
Package
Name
python3-pillow-tk-debuginfo
Purl
pkg:rpm/redhat/python3-pillow-tk-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
Red Hat:enterprise_linux:8::crb
python-pillow-debuginfo
Package
Name
python-pillow-debuginfo
Purl
pkg:rpm/redhat/python-pillow-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python-pillow-debugsource
Package
Name
python-pillow-debugsource
Purl
pkg:rpm/redhat/python-pillow-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow
Package
Name
python3-pillow
Purl
pkg:rpm/redhat/python3-pillow
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow-debuginfo
Package
Name
python3-pillow-debuginfo
Purl
pkg:rpm/redhat/python3-pillow-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow-devel
Package
Name
python3-pillow-devel
Purl
pkg:rpm/redhat/python3-pillow-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow-doc
Package
Name
python3-pillow-doc
Purl
pkg:rpm/redhat/python3-pillow-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow-tk
Package
Name
python3-pillow-tk
Purl
pkg:rpm/redhat/python3-pillow-tk
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
python3-pillow-tk-debuginfo
Package
Name
python3-pillow-tk-debuginfo
Purl
pkg:rpm/redhat/python3-pillow-tk-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:5.1.1-22.el8_10
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:39127.json"
RHSA-2026:39127 - OSV