AVG-2366 log

Package python-pillow
Status Fixed
Severity Low
Type denial of service
Affected 8.3.1-1
Fixed 8.3.2-1
Current 11.0.0-3 [extra-testing]
11.0.0-1 [extra]
Ticket None
Created Thu Sep 9 12:57:14 2021
Issue Severity Remote Type Description
CVE-2021-23437 Low Yes Denial of service
The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.