VYPR
Moderate severity · NVD Advisory · Published Jun 2, 2021 · Updated Aug 3, 2024

CVE-2021-28678

Description

An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In Pillow before 8.2.0, the BLP image plugin lacks proper read checks after seeking, allowing a denial-of-service via repeated decoding on empty data.

Vulnerability

In Pillow versions prior to 8.2.0, the BlpImagePlugin does not properly validate that reads performed after seeking to file offsets return actual data. This flaw exists in the BLP image decoder, which was introduced in Pillow 5.1.0 [1][3]. The plugin uses self.fd.read() without checking for end-of-file or empty return values, allowing crafted BLP files to cause the decoder to run many times on zero-length data [2][4].

Exploitation

An attacker can exploit this vulnerability by providing a specially crafted BLP image file that triggers invalid file offsets. When Pillow processes such a file (e.g., via Image.open()), the decoder loops over seemingly valid data blocks that are in fact empty, leading to excessive CPU consumption [1][3]. No authentication or special privileges are required; the attack vector is network-based if the file is loaded from an untrusted source [4].

Impact

Successful exploitation results in a denial-of-service (DoS) condition. The Pillow process may become unresponsive or consume excessive CPU resources, effectively preventing legitimate image processing [1][3]. The vulnerability does not lead to code execution or information disclosure; it primarily affects availability [4].

Mitigation

Pillow version 8.2.0, released on 2021-04-01, fixes the issue by introducing a _safe_read() helper that verifies reads return the expected amount of data, and applying it to all file read operations in the BLP plugin [2][3]. Users should upgrade to Pillow 8.2.0 or later. If upgrading is not possible, avoid processing BLP files from untrusted sources [1].
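
The unchecked seek-and-read loop described above, shown beside a _safe_read()-style guard, as an added illustration that is not Pillow's own code; the block-table layout, the 1000 bogus offsets and every function name here are constructed for this example.

```python
import io

def safe_read(fp, size):
    """Read exactly `size` bytes or raise (in the spirit of Pillow 8.2.0's helper)."""
    if size <= 0:
        return b""
    data = fp.read(size)
    if len(data) < size:   # short read: truncated file or an offset past end-of-file
        raise OSError(f"Truncated File Read: wanted {size} bytes, got {len(data)}")
    return data

def decode_blocks_unchecked(fp, offsets, length):
    """Pre-8.2.0 pattern: seek and read with no check; returns how many blocks came back empty."""
    empty_runs = 0
    for off in offsets:
        fp.seek(off)
        if not fp.read(length):   # b"" once the offset is past end-of-file, decoder still runs
            empty_runs += 1
    return empty_runs

def decode_blocks_checked(fp, offsets, length):
    """8.2.0 pattern: every read goes through safe_read(), so the first short read aborts."""
    decoded = 0
    for off in offsets:
        fp.seek(off)
        safe_read(fp, length)
        decoded += 1
    return decoded

# Constructed input: a 16-byte "file" and a block table (hypothetical layout)
# whose 1000 offsets all point far past the end of the data.
SAMPLE = bytes(range(16))
BOGUS_OFFSETS = [10_000 + i for i in range(1000)]
VALID_OFFSETS = [0, 8]

def demo():
    """Run both decoders on the constructed input and report what happened."""
    result = {
        "unchecked_empty_runs": decode_blocks_unchecked(io.BytesIO(SAMPLE), BOGUS_OFFSETS, 64),
        "checked_valid_blocks": decode_blocks_checked(io.BytesIO(SAMPLE), VALID_OFFSETS, 8),
        "checked_error": None,
    }
    try:
        decode_blocks_checked(io.BytesIO(SAMPLE), BOGUS_OFFSETS, 64)
    except OSError as exc:
        result["checked_error"] = str(exc)
    return result

if __name__ == "__main__":
    print(demo())
```

The unchecked decoder silently runs 1000 times on empty data, while the guarded one stops at the very first bogus offset.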

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package         Affected versions     Patched versions
Pillow (PyPI)   >= 5.1.0, < 8.2.0     8.2.0
