apk package
chainguard/langfuse-fips-3-worker
pkg:apk/chainguard/langfuse-fips-3-worker
Vulnerabilities (136)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-9678 | mod | 5.9 | < 3.194.0-r0 | 3.194.0-r0 | Jun 17, 2026 | undici: Undici: Information disclosure due to improper cache-control header parsing | |
| CVE-2026-9697 | imp | 7.4 | < 3.194.0-r0 | 3.194.0-r0 | Jun 17, 2026 | undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy | |
| CVE-2026-54288 | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 16, 2026 | ### Summary The Body Limit Middleware trusts the request's `Content-Length` header to decide whether a body is within the limit. On AWS Lambda (API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge) the body is delivered fully buffered and the adapter builds the request with the | ||
| CVE-2026-54289 | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 16, 2026 | ### Summary On AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several separate entries. The adapter writes each value with `Headers.set` instead of `Headers.append`, so every value overwrites the previous one and only the last reaches the ap | ||
| CVE-2026-54290 | hig | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 16, 2026 | ### Summary With `credentials: true` and no explicit `origin` (the default wildcard), the CORS Middleware reflects the request's `Origin` and sends `Access-Control-Allow-Credentials: true`. Any site can then make credentialed cross-origin requests and read the responses, exposin | |
| CVE-2026-54286 | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 16, 2026 | ### Summary On Windows hosts, an encoded backslash (`%5C`) in the request path decodes to `\`, which the Windows path resolver treats as a separator. `serve-static` then resolves a single URL segment such as `admin\secret.txt` into a nested file under the root and serves it, let | ||
| CVE-2026-54287 | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 16, 2026 | ### Summary On AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple `Set-Cookie` headers into one comma-separated value. Because commas also appear inside cookie attributes (for example `Expires` dates), clients cannot split the value back int | ||
| CVE-2026-54285 | — | < 3.197.0-r0 | 3.197.0-r0 | Jun 15, 2026 | ## Overview `W3CBaggagePropagator.extract()` in `@opentelemetry/core` does not enforce size limits when parsing inbound `baggage` HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were only enforced on the outbound (`in | ||
| CVE-2026-49978 | — | < 3.192.0-r0 | 3.192.0-r0 | Jun 15, 2026 | If the HTML you give it contains a element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript: | ||
| CVE-2026-49458 | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 15, 2026 | # Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks **CWE**: CWE-79 (XSS — Improper Neutralization of Input During Web Page Generation) via CWE-693 (Protection Mechanism Failure — realm-bound `instanceof` checks fail-open on fo | ||
| CVE-2026-49459 | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 15, 2026 | # IN_PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM **CWE**: CWE-79 (XSS — Improper Neutralization of Input During Web Page Generation) via CWE-693 (Protection Mechanism Failure — silent no-op when `_forceRemove` is cal | ||
| CVE-2026-48712 | hig | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 15, 2026 | ## Summary protobufjs could recurse without a depth limit while converting decoded messages to plain objects or JSON. This affected generated `toObject()` conversion and the custom `google.protobuf.Any` JSON conversion path. A crafted protobuf binary payload containing deeply n | |
| CVE-2026-54269 | — | < 3.192.0-r0 | 3.192.0-r0 | Jun 15, 2026 | ## Summary protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. The known affected names are fields named `hasOwnProperty`, field or oneof names such as `$type` when loaded through protobufjs JSON/reflection desc | ||
| CVE-2026-49356 | low | — | < 3.192.0-r0 | 3.192.0-r0 | Jun 15, 2026 | ## Impact Using `@babel/core` to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are _all_ true: - the attacker controls the input source code - the attacker can read the output source code | |
| CVE-2026-48779 | hig | — | < 3.188.0-r0 | 3.188.0-r0 | Jun 15, 2026 | ### Impact A high volume of exceptionally small fragments and data chunks can be sent by a peer, with modest network traffic, to force the remote peer into allocating and holding structural wrappers that consume far more memory than the default documented message-size limit, lea | |
| CVE-2026-12143 | Hig | 7.5 | < 3.188.0-r0 | 3.188.0-r0 | Jun 12, 2026 | form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the `field` argument to `FormData#append` and the `filename` option are concatenated verbatim into the `Content-Disposition` header without escaping carriage return (CR), line fee | |
| CVE-2026-44494 | Hig | 8.7 | < 3.177.1-r0 | 3.177.1-r0 | Jun 11, 2026 | Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.16.0, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into a full Man- | |
| CVE-2026-44492 | Hig | 8.6 | < 3.177.1-r0 | 3.177.1-r0 | Jun 11, 2026 | Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NO_PROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form (::ffff:7f00: | |
| CVE-2026-44490 | Med | 4.8 | < 3.177.1-r0 | 3.177.1-r0 | Jun 11, 2026 | Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, axios exposes two read-side prototype-pollution gadgets. When Object.prototype is polluted by an upstream dependency in the same process (e.g. lodash _.merge / CVE-2018-16487), axios sil | |
| CVE-2026-44489 | Low | 3.7 | < 3.177.1-r0 | 3.177.1-r0 | Jun 11, 2026 | Axios is a promise based HTTP client for the browser and Node.js. From 1.15.2 to before 1.16.0, nested objects created by utils.merge() (e.g., config.proxy) are still constructed as plain {} with Object.prototype in their chain. The setProxy() function at lib/adapters/http.js:209 |
- affected < 3.194.0-r0fixed 3.194.0-r0
undici: Undici: Information disclosure due to improper cache-control header parsing
- affected < 3.194.0-r0fixed 3.194.0-r0
undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy
- CVE-2026-54288Jun 16, 2026affected < 3.188.0-r0fixed 3.188.0-r0
### Summary The Body Limit Middleware trusts the request's `Content-Length` header to decide whether a body is within the limit. On AWS Lambda (API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge) the body is delivered fully buffered and the adapter builds the request with the
- CVE-2026-54289Jun 16, 2026affected < 3.188.0-r0fixed 3.188.0-r0
### Summary On AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several separate entries. The adapter writes each value with `Headers.set` instead of `Headers.append`, so every value overwrites the previous one and only the last reaches the ap
- affected < 3.188.0-r0fixed 3.188.0-r0
### Summary With `credentials: true` and no explicit `origin` (the default wildcard), the CORS Middleware reflects the request's `Origin` and sends `Access-Control-Allow-Credentials: true`. Any site can then make credentialed cross-origin requests and read the responses, exposin
- CVE-2026-54286Jun 16, 2026affected < 3.188.0-r0fixed 3.188.0-r0
### Summary On Windows hosts, an encoded backslash (`%5C`) in the request path decodes to `\`, which the Windows path resolver treats as a separator. `serve-static` then resolves a single URL segment such as `admin\secret.txt` into a nested file under the root and serves it, let
- CVE-2026-54287Jun 16, 2026affected < 3.188.0-r0fixed 3.188.0-r0
### Summary On AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple `Set-Cookie` headers into one comma-separated value. Because commas also appear inside cookie attributes (for example `Expires` dates), clients cannot split the value back int
- CVE-2026-54285Jun 15, 2026affected < 3.197.0-r0fixed 3.197.0-r0
## Overview `W3CBaggagePropagator.extract()` in `@opentelemetry/core` does not enforce size limits when parsing inbound `baggage` HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were only enforced on the outbound (`in
- CVE-2026-49978Jun 15, 2026affected < 3.192.0-r0fixed 3.192.0-r0
If the HTML you give it contains a element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript:
- CVE-2026-49458Jun 15, 2026affected < 3.188.0-r0fixed 3.188.0-r0
# Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks **CWE**: CWE-79 (XSS — Improper Neutralization of Input During Web Page Generation) via CWE-693 (Protection Mechanism Failure — realm-bound `instanceof` checks fail-open on fo
- CVE-2026-49459Jun 15, 2026affected < 3.188.0-r0fixed 3.188.0-r0
# IN_PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM **CWE**: CWE-79 (XSS — Improper Neutralization of Input During Web Page Generation) via CWE-693 (Protection Mechanism Failure — silent no-op when `_forceRemove` is cal
- affected < 3.188.0-r0fixed 3.188.0-r0
## Summary protobufjs could recurse without a depth limit while converting decoded messages to plain objects or JSON. This affected generated `toObject()` conversion and the custom `google.protobuf.Any` JSON conversion path. A crafted protobuf binary payload containing deeply n
- CVE-2026-54269Jun 15, 2026affected < 3.192.0-r0fixed 3.192.0-r0
## Summary protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. The known affected names are fields named `hasOwnProperty`, field or oneof names such as `$type` when loaded through protobufjs JSON/reflection desc
- affected < 3.192.0-r0fixed 3.192.0-r0
## Impact Using `@babel/core` to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are _all_ true: - the attacker controls the input source code - the attacker can read the output source code
- affected < 3.188.0-r0fixed 3.188.0-r0
### Impact A high volume of exceptionally small fragments and data chunks can be sent by a peer, with modest network traffic, to force the remote peer into allocating and holding structural wrappers that consume far more memory than the default documented message-size limit, lea
- affected < 3.188.0-r0fixed 3.188.0-r0
form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the `field` argument to `FormData#append` and the `filename` option are concatenated verbatim into the `Content-Disposition` header without escaping carriage return (CR), line fee
- affected < 3.177.1-r0fixed 3.177.1-r0
Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.16.0, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into a full Man-
- affected < 3.177.1-r0fixed 3.177.1-r0
Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NO_PROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form (::ffff:7f00:
- affected < 3.177.1-r0fixed 3.177.1-r0
Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, axios exposes two read-side prototype-pollution gadgets. When Object.prototype is polluted by an upstream dependency in the same process (e.g. lodash _.merge / CVE-2018-16487), axios sil
- affected < 3.177.1-r0fixed 3.177.1-r0
Axios is a promise based HTTP client for the browser and Node.js. From 1.15.2 to before 1.16.0, nested objects created by utils.merge() (e.g., config.proxy) are still constructed as plain {} with Object.prototype in their chain. The setProxy() function at lib/adapters/http.js:209
Page 1 of 7