CVE-2021-34552
pypi/Pillow
Buffer Overflow
Pillow and PIL (aka Python Imaging Library) allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
All versions starting from 1.0 up to 1.1.7, all versions starting from 1.2 up to 8.2.0
Upgrade to version 8.3.0 or above.
2021-07-17
source |