{"id":"ECHO-784c-565e-18bc","modified":"2026-05-11T00:32:55.353897Z","published":"2026-05-07T16:15:06.258363Z","upstream":["CVE-2026-42308","GHSA-wjx4-4jcj-g98j"],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-42308"},{"type":"WEB","url":"https://github.com/advisories/GHSA-wjx4-4jcj-g98j"}],"affected":[{"package":{"name":"pillow","ecosystem":"Echo:PyPi","purl":"pkg:pypi/pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"12.1.1+echo.1"}]}],"database_specific":{"source":"https://advisory.echohq.com/osv/ECHO-784c-565e-18bc.json"}}],"schema_version":"1.7.5"}