Pillow is a Python imaging library. Prior to 12.3.0, WindowsViewer.get_command() constructed a cmd.exe shell command by directly embedding a file path into an f-string without escaping and passed the result to subprocess.Popen(..., shell=True), allowing shell metacharacters in the file path to inject arbitrary cmd.exe commands. This issue is fixed in version 12.3.0.
Metrics
Affected Vendors & Products
References
History
Mon, 06 Jul 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Python-pillow
Python-pillow pillow |
|
| Vendors & Products |
Python-pillow
Python-pillow pillow |
Mon, 06 Jul 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Pillow is a Python imaging library. Prior to 12.3.0, WindowsViewer.get_command() constructed a cmd.exe shell command by directly embedding a file path into an f-string without escaping and passed the result to subprocess.Popen(..., shell=True), allowing shell metacharacters in the file path to inject arbitrary cmd.exe commands. This issue is fixed in version 12.3.0. | |
| Title | Pillow: WindowsViewer.get_command() OS command injection via unescaped shell path | |
| Weaknesses | CWE-78 | |
| References |
|
|
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-06T18:44:38.441Z
Reserved: 2026-06-17T14:40:28.381Z
Link: CVE-2026-55798
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-06T20:45:15Z