VYPR

apk package

chainguard/tritonserver-backend-vllm-cuda-12.9

pkg:apk/chainguard/tritonserver-backend-vllm-cuda-12.9

Vulnerabilities (42)

  • CVE-2026-44432  High  May 13, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) call when the response was decompressed using the official Brotli library or (2) w

  • CVE-2026-44431  Medium  May 13, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.

  • CVE-2026-41486  High  May 8, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types (ray.data.arrow_tensor, ray.data.arrow_tensor_v2, ray.data.arrow_variable_shaped_tensor) globally in PyArrow. When PyArrow reads a Parquet file containing on

  • CVE-2026-40347  Medium  Apr 18, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted `multipart/form-data` requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the

  • CVE-2026-40192  High  Apr 15, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leadi

  • CVE-2026-34525  Medium  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4.

  • CVE-2026-34520  Critical  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4.

  • CVE-2026-34519  Medium  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a Response may be able to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.

  • CVE-2026-34518  Medium  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers. This issue has been patched in

  • CVE-2026-34517  Medium  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking client_max_size. This issue has been patched in version 3.13.4.

  • CVE-2026-34516  High  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. This issue has been patched

  • CVE-2026-34515  High  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This issue has been patched in version 3.13.4.

  • CVE-2026-34514  Medium  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.

  • CVE-2026-34513  High  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. This issue has been patched in version 3.13.4.

  • CVE-2026-22815  High  Apr 1, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4.

  • CVE-2026-25645  Mar 25, 2026
    affected: < 25.9.0_git20260318-r0; fixed: 25.9.0_git20260318-r0

    Requests is an HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without valid

  • CVE-2026-26209  Mar 23, 2026
    affected: < 25.9.0_git20260318-r0; fixed: 25.9.0_git20260318-r0

    cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerabili

  • CVE-2026-4539  Low  Mar 22, 2026
    affected: < 25.9.0_git20260318-r1; fixed: 25.9.0_git20260318-r1

    A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit

  • CVE-2026-25048  Mar 5, 2026
    affected: < 25.9.0_git20260318-r0; fixed: 25.9.0_git20260318-r0

    xgrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.32, the multi-level nested syntax caused a segmentation fault (core dumped). This issue has been patched in version 0.1.32.

  • CVE-2026-27482  Feb 21, 2026
    affected: < 25.9.0_git20251112-r7; fixed: 25.9.0_git20251112-r7

    Ray is an AI compute engine. In versions 2.53.0 and below, the dashboard HTTP server blocks browser-origin POST/PUT but does not cover DELETE, and key DELETE endpoints are unauthenticated by default. If the dashboard/agent is reachable (e.g., --dashboard-host=0.0.0.0), a web page

Page 1 of 3