diff --git a/requirements/base.txt b/requirements/base.txt
index 660315b756fc5..6b771b7eea2b7 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -119,6 +119,11 @@ idna==3.2
     # via
     #   email-validator
     #   yarl
+importlib-metadata==4.8.2
+    # via
+    #   jsonschema
+    #   kombu
+    #   markdown
 isodate==0.6.0
     # via apache-superset
 itsdangerous==1.1.0
@@ -269,6 +274,8 @@ typing-extensions==3.10.0.0
     # via
     #   aiohttp
     #   apache-superset
+    #   importlib-metadata
+    #   yarl
 urllib3==1.26.6
     # via selenium
 vine==1.3.0
@@ -283,6 +290,7 @@ werkzeug==1.0.1
     #   flask-jwt-extended
 wtforms==2.3.3
     # via
+    #   flask-appbuilder
     #   flask-wtf
     #   wtforms-json
 wtforms-json==0.3.3
@@ -290,7 +298,9 @@ wtforms-json==0.3.3
 yarl==1.6.3
     # via aiohttp
 zipp==3.4.1
-    # via -r requirements/base.in
+    # via
+    #   -r requirements/base.in
+    #   importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools
diff --git a/requirements/development.in b/requirements/development.in
index a0dae01f050b8..d1a9590ec05df 100644
--- a/requirements/development.in
+++ b/requirements/development.in
@@ -18,7 +18,7 @@
 -r base.in
 flask-cors>=2.0.0
 mysqlclient==2.0.3
-pillow>=8.3.1,<9
+pillow>=8.3.2,<9
 pydruid>=0.6.1,<0.7
 pyhive[hive]>=0.6.1
 psycopg2-binary==2.9.1
diff --git a/requirements/development.txt b/requirements/development.txt
index dc993897636e7..6ddbcf9b93105 100644
--- a/requirements/development.txt
+++ b/requirements/development.txt
@@ -1,4 +1,4 @@
-# SHA1:a2fe77c9b8bffc8c8f3de4df6709c8be957c2f87
+# SHA1:2d3a7d56d8fdec412b556af9b6dd21a3e6711eb0
 #
 # This file is autogenerated by pip-compile-multi
 # To update, run:
@@ -40,7 +40,7 @@ mysqlclient==2.0.3
     # via -r requirements/development.in
 openpyxl==3.0.7
     # via tabulator
-pillow==8.3.1
+pillow==8.4.0
     # via -r requirements/development.in
 progress==1.6
     # via -r requirements/development.in
diff --git a/requirements/integration.txt b/requirements/integration.txt
index b7da99e3da365..0a3e2165a2562 100644
--- a/requirements/integration.txt
+++ b/requirements/integration.txt
@@ -22,6 +22,14 @@ filelock==3.0.12
     #   virtualenv
 identify==2.2.13
     # via pre-commit
+importlib-metadata==4.8.2
+    # via
+    #   backports.entry-points-selectable
+    #   pep517
+    #   pluggy
+    #   pre-commit
+    #   tox
+    #   virtualenv
 nodeenv==1.6.0
     # via pre-commit
 packaging==21.0
@@ -62,12 +70,18 @@ toposort==1.6
     # via pip-compile-multi
 tox==3.24.1
     # via -r requirements/integration.in
+typing-extensions==4.0.0
+    # via importlib-metadata
 virtualenv==20.7.2
     # via
     #   pre-commit
     #   tox
 wheel==0.37.0
     # via pip-tools
+zipp==3.6.0
+    # via
+    #   importlib-metadata
+    #   pep517
 
 # The following packages are considered to be unsafe in a requirements file:
 # pip
diff --git a/setup.py b/setup.py
index 20f85e6b8721d..33540aa414d1d 100644
--- a/setup.py
+++ b/setup.py
@@ -157,7 +157,7 @@ def get_git_sha() -> str:
             "snowflake-sqlalchemy==1.2.4"
         ],  # PINNED! 1.2.5 introduced breaking changes requiring sqlalchemy>=1.4.0
         "teradata": ["sqlalchemy-teradata==0.9.0.dev0"],
-        "thumbnails": ["Pillow>=8.2.0, <9.0.0"],
+        "thumbnails": ["Pillow>=8.3.2, <9.0.0"],
         "vertica": ["sqlalchemy-vertica-python>=0.5.9, < 0.6"],
         "netezza": ["nzalchemy>=11.0.2"],
     },