---

AVG-1439 - log back

AVG-1439 edited at 30 Mar 2021 15:00:24
Status	- Vulnerable + Unknown

AVG-1439 edited at 03 Mar 2021 11:18:14
Issues	CVE-2020-35653 CVE-2020-35654 CVE-2020-35655 + CVE-2021-25289 + CVE-2021-25290 + CVE-2021-25291 + CVE-2021-25292 + CVE-2021-25293 + CVE-2021-27921 + CVE-2021-27922 + CVE-2021-27923

AVG-1439 created at 12 Jan 2021 10:01:10
Packages	+ python2-pillow
Issues	+ CVE-2020-35653 + CVE-2020-35654 + CVE-2020-35655
Status	+ Vulnerable
Severity	+ Medium
Affected	+ 6.2.1-3
Fixed
Ticket
Advisory qualified	+ Yes
References	+ https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
Notes	+ python-pillow 7.0.0 dropped support for the end of life Python 2.7, so these issues are unlikely to be fixed in this legacy version of python-pillow, which is retained only for compatibility reasons.