AVG-2150 log
Package | python-pillow |
Status | Fixed |
Severity | Medium |
Type | arbitrary code execution |
Affected | 8.2.0-2 |
Fixed | 8.3.0-1 |
Current | 10.4.0-1 [extra] |
Ticket | None |
Created | Tue Jul 13 18:10:24 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-34552 | Medium | Yes | Arbitrary code execution | Pillow through 8.2.0 allows an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. |
Date | Advisory | Package | Type |
---|---|---|---|
14 Jul 2021 | ASA-202107-26 | python-pillow | arbitrary code execution |