PYSEC-2021-317
Details
Versions of the pillow package from 0 up to, but not including, 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
Affected packages
PyPI / pillow
Introduced in: 0
Fixed in: 9e08eb8f78fdfd2f476e1b20b7cf38683754866b
Fix
pip install --upgrade 'pillow>=8.3.2'