From ce097085f779e7f7c0c6743409eebd9934bab8c6 Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Wed, 31 Mar 2021 19:01:12 +0100
Subject: [PATCH] python2Packages.pillow: mark as vulnerable to many CVEs

---
 pkgs/development/python-modules/pillow/6.nix | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/pkgs/development/python-modules/pillow/6.nix b/pkgs/development/python-modules/pillow/6.nix
index 51833edfd0b..61242c894a8 100644
--- a/pkgs/development/python-modules/pillow/6.nix
+++ b/pkgs/development/python-modules/pillow/6.nix
@@ -25,5 +25,23 @@ import ./generic.nix (rec {
     '';
     license = "http://www.pythonware.com/products/pil/license.htm";
     maintainers = with maintainers; [ goibhniu prikhi SuperSandro2000 ];
+    knownVulnerabilities = [
+      "CVE-2020-10177"
+      "CVE-2020-10378"
+      "CVE-2020-10379"
+      "CVE-2020-10994"
+      "CVE-2020-11538"
+      "CVE-2020-35653"
+      "CVE-2020-35654"
+      "CVE-2020-35655"
+      "CVE-2021-25289"
+      "CVE-2021-25290"
+      "CVE-2021-25291"
+      "CVE-2021-25292"
+      "CVE-2021-25293"
+      "CVE-2021-27921"
+      "CVE-2021-27922"
+      "CVE-2021-27923"
+    ];
   };
 } // args )