vulnerability
Red Hat: CVE-2021-28676: Infinite loop in FLI image reader (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jun 2, 2021 | Nov 10, 2021 | Jul 9, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jun 2, 2021
Added
Nov 10, 2021
Modified
Jul 9, 2025
Description
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.
Solution(s)
no-fix-redhat-rpm-packageredhat-upgrade-python-pillow-debuginforedhat-upgrade-python-pillow-debugsourceredhat-upgrade-python3-pillowredhat-upgrade-python3-pillow-debuginforedhat-upgrade-python3-pillow-tk-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.