VYPR

apk package

chainguard/py3.11-text-generation-inference

pkg:apk/chainguard/py3.11-text-generation-inference

Vulnerabilities (23)

  • CVE-2024-47081MedJun 9, 2025
    affected < 3.3.6-r3fixed 3.3.6-r3

    Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc

  • CVE-2025-47273May 17, 2025
    affected < 3.3.6-r3fixed 3.3.6-r3

    setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on

  • CVE-2025-27516Mar 5, 2025
    affected < 3.3.6-r3fixed 3.3.6-r3

    Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker nee

Page 2 of 2