fix: restrict Image.open() formats to prevent PSD parsing (workaround) (#6214)

dagil-nvidia · cursoragent · web-flow · commit 76c1889aeb07 · 2026-02-11T16:02:30.000-08:00
Signed-off-by: Dan Gil &lt;dagil@nvidia.com&gt;
Co-authored-by: Cursor &lt;cursoragent@cursor.com&gt;
diff --git a/components/src/dynamo/sglang/multimodal_utils/multimodal_image_loader.py b/components/src/dynamo/sglang/multimodal_utils/multimodal_image_loader.py
@@ -91,7 +91,10 @@ async def load_image(self, image_url: str) -> Image.Image:
                 raise ValueError(f"Invalid image source scheme: {parsed_url.scheme}")
 
             # PIL is sync, so offload to a thread to avoid blocking the event loop
-            image = await asyncio.to_thread(Image.open, image_data)
+            # Restrict to supported formats to prevent PSD parsing
+            image = await asyncio.to_thread(
+                Image.open, image_data, formats=["JPEG", "PNG", "WEBP"]
+            )
 
             # Validate image format and convert to RGB
             if image.format not in ("JPEG", "PNG", "WEBP"):
diff --git a/components/src/dynamo/vllm/multimodal_utils/image_loader.py b/components/src/dynamo/vllm/multimodal_utils/image_loader.py
@@ -78,7 +78,10 @@ async def load_image(self, image_url: str) -> Image.Image:
                 raise ValueError(f"Invalid image source scheme: {parsed_url.scheme}")
 
             # PIL is sync, so offload to a thread to avoid blocking the event loop
-            image = await asyncio.to_thread(Image.open, image_data)
+            # Restrict to supported formats to prevent PSD parsing
+            image = await asyncio.to_thread(
+                Image.open, image_data, formats=["JPEG", "PNG", "WEBP"]
+            )
 
             # Validate image format and convert to RGB
             if image.format not in ("JPEG", "PNG", "WEBP"):
diff --git a/examples/multimodal/utils/image_loader.py b/examples/multimodal/utils/image_loader.py
@@ -78,7 +78,10 @@ async def load_image(self, image_url: str) -> Image.Image:
                 raise ValueError(f"Invalid image source scheme: {parsed_url.scheme}")
 
             # PIL is sync, so offload to a thread to avoid blocking the event loop
-            image = await asyncio.to_thread(Image.open, image_data)
+            # Restrict to supported formats to prevent PSD parsing
+            image = await asyncio.to_thread(
+                Image.open, image_data, formats=["JPEG", "PNG", "WEBP"]
+            )
 
             # Validate image format and convert to RGB
             if image.format not in ("JPEG", "PNG", "WEBP"):
