apk package
chainguard/datahub-ingestion-fips
pkg:apk/chainguard/datahub-ingestion-fips
Vulnerabilities (36)
| CVE | Severity | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-47265 | High | 7.5 | | < 1.6.0-r1 | 1.6.0-r1 | Jun 2, 2026 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after following a cross-origin redirect. If a developer uses the `cookies` parameter on a per-request basis then |
| CVE-2026-34993 | Medium | 6.4 | | < 1.6.0-r1 | 1.6.0-r1 | Jun 2, 2026 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using ``CookieJar.load()`` with untrusted input may allow arbitrary code execution. Most applications using this function will be doing so with the user's own data, so this is |
| CVE-2026-45017 | High | 7.5 | | < 1.5.0.4-r0 | 1.5.0.4-r0 | May 28, 2026 | Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.0, the built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template author |
| CVE-2026-44897 | Medium | 6.1 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 26, 2026 | Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading() builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape(), safe_entity(), or any other sanitisation function. |
| CVE-2026-44896 | Medium | 6.1 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 26, 2026 | Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and earlier, in src/mistune/directives/image.py, the render_figure() function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XS |
| CVE-2026-44708 | Medium | 6.1 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 26, 2026 | Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math ($...$) and block math ($$...$$) by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even wh |
| CVE-2026-44432 | High | 7.5 | | < 1.5.0.4-r0 | 1.5.0.4-r0 | May 13, 2026 | urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) call when the response was decompressed using the official Brotli library or (2) w |
| CVE-2026-44431 | Medium | 5.3 | | < 1.5.0.4-r0 | 1.5.0.4-r0 | May 13, 2026 | urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0. |
| CVE-2026-42557 | Critical | 9.6 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 13, 2026 | jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker li |
| CVE-2026-42266 | High | 8.8 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 13, 2026 | JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions_uris) is not correctly enforced |
| CVE-2026-44244 | High | 7.8 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 7, 2026 | GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.set_value() passes values to Python's configparser without validating for newlines. GitPython's own _write() converts embedded newlines into indented continuation lines |
| CVE-2026-44243 | High | 7.1 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 7, 2026 | GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repository |
| CVE-2026-42284 | High | 8.1 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 7, 2026 | GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, _clone() validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)). A string like "--branch main --config core.hooksPath=/x" passes validation (st |
| CVE-2026-42215 | High | 8.8 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 7, 2026 | GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs upload_pack and receive_pack bypass tha |
| CVE-2026-40171 | High | — | | < 1.5.0.1-r1 | 1.5.0.1-r1 | May 6, 2026 | In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be ch |
| CVE-2026-33079 | High | — | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 6, 2026 | In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in `LINK_TITLE_RE` that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles conta |
| CVE-2026-40934 | Medium | 6.8 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 5, 2026 | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runtime/jupyter_cookie_secret and is never rotated when a user changes their password |
| CVE-2026-40110 | High | 7.3 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 5, 2026 | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pat configuration value. Because re.match() only anchors at the start of the string |
| CVE-2026-35397 | High | 8.8 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 5, 2026 | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_dir and access sibling directories whose names begin with the same prefix as the r |
| CVE-2025-61669 | Medium | 6.1 | | < 1.5.0.1-r2 | 1.5.0.1-r2 | May 5, 2026 | Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._redirect_safe()`, which allows redirects to arbitrary external domains via values su |
Page 1 of 2