VYPR

apk package

chainguard/kubeflow-pipelines-visualization-server

pkg:apk/chainguard/kubeflow-pipelines-visualization-server

Vulnerabilities (93)

  • CVE-2026-44432 | High | May 13, 2026
    affected < 2.16.1-r1, fixed 2.16.1-r1

    urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) call when the response was decompressed using the official Brotli library or (2) w

  • CVE-2026-44431 | Medium | May 13, 2026
    affected < 2.16.1-r1, fixed 2.16.1-r1

    urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.

  • CVE-2026-42311 | High | May 9, 2026
    affected < 2.16.1-r0, fixed 2.16.1-r0

    Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0.

  • CVE-2026-42310 | Medium | May 9, 2026
    affected < 2.16.1-r0, fixed 2.16.1-r0

    Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0.

  • CVE-2026-42309 | Medium | May 9, 2026
    affected < 2.16.1-r0, fixed 2.16.1-r0

    Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lis

  • CVE-2026-42308 | Medium | May 9, 2026
    affected < 2.16.1-r0, fixed 2.16.1-r0

    Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceedingly large amount, the position counter Pillow keeps for the current glyph may suffer an integer overflow. This issue has been patched in version 12.2.0.

  • CVE-2026-44897 | Medium | May 9, 2026
    affected < 2.16.1-r2, fixed 2.16.1-r2

    `HTMLRenderer.heading()` builds the opening `` tag by string-concatenating the `id` attribute value directly into the HTML — with no call to `escape()`, `safe_entity()`, or any other sanitisation function. A double-quote character `"` in the `id` value terminates t

  • CVE-2026-44896 | Medium | May 8, 2026
    affected < 2.16.1-r2, fixed 2.16.1-r2

    In `src/mistune/directives/image.py`, the `render_figure()` function concatenates `figclass` and `figwidth` options directly into HTML attributes without escaping (lines 152-168). This allows attribute injection and XSS even when `HTMLRenderer(escape=True)` is used, because thes

  • CVE-2026-44708 | Medium | May 8, 2026
    affected < 2.16.1-r2, fixed 2.16.1-r2

    The mistune math plugin renders inline math (`$...$`) and block math (`$$...$$`) by concatenating the raw user-supplied content directly into the HTML output **without any HTML escaping**. This occurs even when the parser is explicitly created with `escape=True`, which

  • CVE-2026-33079 | High | May 6, 2026
    affected < 2.16.1-r2, fixed 2.16.1-r2

    In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in `LINK_TITLE_RE` that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles conta

  • CVE-2026-41066 | High | Apr 24, 2026
    affected < 2.16.0-r5, fixed 2.16.0-r5

    lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML input to read local files. Setting the resolve_entities option explicitly to resolv

  • CVE-2026-39378 | Medium | Apr 21, 2026
    affected < 2.16.0-r5, fixed 2.16.0-r5

    The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's markdown renderer allows arbitrary file read via path traversal in image references.

  • CVE-2026-39377 | Medium | Apr 21, 2026
    affected < 2.16.0-r5, fixed 2.16.0-r5

    The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment

  • CVE-2026-40192 | High | Apr 15, 2026
    affected < 2.16.1-r1, fixed 2.16.1-r1

    Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leadi

  • CVE-2026-1462 | High | Apr 13, 2026
    affected < 0, fixed 0

    A vulnerability in the `TFSMLayer` class of the `keras` package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of `.keras` models, even when `safe_mode=True`. This bypasses the security guarantees of `safe_mode` and enables

  • CVE-2026-39892 | Critical | Apr 8, 2026
    affected < 2.16.0-r4, fixed 2.16.0-r4

    cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulner

  • CVE-2026-34525 | Medium | Apr 1, 2026
    affected < 2.16.0-r4, fixed 2.16.0-r4

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4.

  • CVE-2026-34520 | Critical | Apr 1, 2026
    affected < 2.16.0-r4, fixed 2.16.0-r4

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4.

  • CVE-2026-34519 | Medium | Apr 1, 2026
    affected < 2.16.0-r4, fixed 2.16.0-r4

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a Response may be able to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.

  • CVE-2026-34518 | Medium | Apr 1, 2026
    affected < 2.16.0-r4, fixed 2.16.0-r4

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers. This issue has been patched in

Page 1 of 5