You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tvm.apache.org by Krzysztof Parzyszek via Apache TVM Discuss <no...@discuss.tvm.ai> on 2022/02/11 19:07:23 UTC

[Apache TVM Discuss] [Development] Pillow < 9.0.0 security vulnerabilities


There are 3 security vulnerabilities in Pillow < 9.0.0.  They are all considered critical.

1. [CVE-2022-22815](https://nvd.nist.gov/vuln/detail/CVE-2022-22815)
2. [CVE-2022-22816](https://nvd.nist.gov/vuln/detail/CVE-2022-22816)
3. [CVE-2022-22817](https://nvd.nist.gov/vuln/detail/CVE-2022-22817)

apps/microtvm/ethosu/requirements.txt lists Pillow==**8.3.2**.





---
[Visit Topic](https://discuss.tvm.apache.org/t/pillow-9-0-0-security-vulnerabilities/12070/1) to respond.

You are receiving this because you enabled mailing list mode.

To unsubscribe from these emails, [click here](https://discuss.tvm.apache.org/email/unsubscribe/b2ee933c68a9f2e4d8faf50efd585b44cb3846c60dc06ae1e31e9cafe5251501).

[Apache TVM Discuss] [Development] Pillow < 9.0.0 security vulnerabilities

Posted by Andrew Reusch via Apache TVM Discuss <no...@discuss.tvm.ai>.


Thanks! filed https://github.com/apache/tvm/issues/10238, i think this is not a formal requirement for TVM but just a loose end which was not updated.





---
[Visit Topic](https://discuss.tvm.apache.org/t/pillow-9-0-0-security-vulnerabilities/12070/2) to respond.

You are receiving this because you enabled mailing list mode.

To unsubscribe from these emails, [click here](https://discuss.tvm.apache.org/email/unsubscribe/486d5c8272365a7d943802049d125c579e7f516b66b20b0199aeb42b13682bea).