VYPR

apk package

chainguard/open-webui

pkg:apk/chainguard/open-webui

Vulnerabilities (105)

  • CVE-2025-69226Jan 5, 2026
    affected < 0.6.43-r1fixed 0.6.43-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an applica

  • CVE-2025-69224Jan 5, 2026
    affected < 0.6.43-r1fixed 0.6.43-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed (i.e. without the u

  • CVE-2025-69223Jan 5, 2026
    affected < 0.6.43-r1fixed 0.6.43-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust

  • CVE-2025-68480MedDec 22, 2025
    affected < 0.6.41-r1fixed 0.6.41-r1

    Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request

  • CVE-2025-68146Dec 16, 2025
    affected < 0.6.41-r1fixed 0.6.41-r1

    filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows

  • CVE-2025-66471Dec 5, 2025
    affected < 0.9.2-r0fixed 0.9.2-r0

    urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chu

  • CVE-2025-66418Dec 5, 2025
    affected < 0.9.2-r0fixed 0.9.2-r0

    urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage a

  • CVE-2025-66416Dec 2, 2025
    affected < 0.6.40-r1fixed 0.6.40-r1

    The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.23.0, tThe Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP serve

  • CVE-2025-66034Nov 29, 2025
    affected < 0.9.2-r0fixed 0.9.2-r0

    fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace fil

  • CVE-2025-66019MedNov 26, 2025
    affected < 0.6.40-r0fixed 0.6.40-r0

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.4.0, an attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This iss

  • CVE-2025-65106HigNov 21, 2025
    affected < 0.6.37-r0fixed 0.6.37-r0

    LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template s

  • CVE-2025-6176HigOct 31, 2025
    affected < 0.6.34-r3fixed 0.6.34-r3

    Scrapy versions up to 2.13.2 are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less

  • CVE-2025-62727HigOct 28, 2025
    affected < 0.6.34-r2fixed 0.6.34-r2

    Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enabl

  • CVE-2025-62708Oct 22, 2025
    affected < 0.6.34-r1fixed 0.6.34-r1

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf

  • CVE-2025-62707Oct 22, 2025
    affected < 0.6.34-r1fixed 0.6.34-r1

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This

  • CVE-2025-6985HigOct 6, 2025
    affected < 0.6.33-r0fixed 0.6.33-r0

    The HTMLSectionSplitter class in langchain-text-splitters version 0.3.8 is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse

  • CVE-2025-61765MedOct 6, 2025
    affected < 0.6.33-r1fixed 0.6.33-r1

    python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server dep

  • CVE-2025-59420Sep 22, 2025
    affected < 0.6.30-r1fixed 0.6.30-r1

    Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed toke

  • CVE-2025-6984HigSep 4, 2025
    affected < 0.6.27-r0fixed 0.6.27-r0

    The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML parsing. The affected version is 0.3.63. The vulnerability arises from the use of etree.iterparse() without disabling external ent

  • CVE-2025-55197Aug 13, 2025
    affected < 0.6.22-r1fixed 0.6.22-r1

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content

Page 5 of 6