Root has patched CVE-2023-4863 in the rootio-pillow package for Root:PyPI. Multiple fixed versions available.
{
"distro": "pypi",
"severity": "HIGH",
"source": "Root",
"distro_version": ""
}"9.3.0"
15.0
true
"root.io.8"
[
"9.5.0+root.io.1",
"9.3.0+root.io.1",
"9.3.0+root.io.2",
"9.5.0+root.io.2",
"9.3.0+root.io.3",
"9.5.0+root.io.3",
"9.3.0+root.io.4",
"9.5.0+root.io.4",
"9.3.0+root.io.5",
"9.5.0+root.io.5",
"9.3.0+root.io.6",
"9.5.0+root.io.6",
"9.5.0+root.io.7",
"9.3.0+root.io.7",
"9.3.0+root.io.8"
]
"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2023-4863.json"