AVG-2150 log

Package python-pillow
Status Fixed
Severity Medium
Type arbitrary code execution
Affected 8.2.0-2
Fixed 8.3.0-1
Current 8.4.0-1 [community]
Ticket None
Created Tue Jul 13 18:10:24 2021
Issue Severity Remote Type Description
CVE-2021-34552 Medium Yes Arbitrary code execution
Pillow through 8.2.0 allows an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Date Advisory Package Type
14 Jul 2021 ASA-202107-26 python-pillow arbitrary code execution