GMS-2022-348: Duplicate of ./pypi/Pillow/CVE-2022-24303.yml
If the path to the temporary directory on Linux or macOS contained a space, this would break removal of the temporary image file after im.show() (and related actions), and potentially remove an unrelated file. This been present since PIL.
References
Detect and mitigate GMS-2022-348 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →