apk package
chainguard/py3-tensorflow-serving-api
pkg:apk/chainguard/py3-tensorflow-serving-api
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46136 | Hig | 8.0 | < 2.14.1-r1 | 2.14.1-r1 | Oct 25, 2023 | Werkzeug is a comprehensive WSGI web application library. In versions on the 3.x branch prior to 3.0.1 and on the 2.x branch prior to 2.3.8, if an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are | |
| CVE-2023-45803 | — | < 2.14.1-r1 | 2.14.1-r1 | Oct 17, 2023 | urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GE |
- affected < 2.14.1-r1fixed 2.14.1-r1
Werkzeug is a comprehensive WSGI web application library. In versions on the 3.x branch prior to 3.0.1 and on the 2.x branch prior to 2.3.8, if an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are
- CVE-2023-45803Oct 17, 2023affected < 2.14.1-r1fixed 2.14.1-r1
urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GE