apk package
wolfi/open-webui
pkg:apk/wolfi/open-webui
Vulnerabilities (105)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-14009 | — | < 0.8.9-r0 | 0.8.9-r0 | Feb 18, 2026 | A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip pack | ||
| CVE-2026-25087 | — | < 0.9.6-r4 | 0.9.6-r4 | Feb 17, 2026 | Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file (but not an IPC stream) with pre-buffering enabled, if the IPC file contains data with variadic buffers (such as B | ||
| CVE-2026-26013 | — | < 0.8.3-r0 | 0.8.3-r0 | Feb 10, 2026 | LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.get_num_tokens_from_messages() method fetches arbitrary image_url values without validation when computing token counts for vision-enabled models. This allows attackers to t | ||
| CVE-2026-26007 | — | < 0.8.3-r0 | 0.8.3-r0 | Feb 10, 2026 | cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_ke | ||
| CVE-2026-24688 | — | < 0.8.3-r1 | 0.8.3-r1 | Jan 27, 2026 | pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. This has been fixed in pypdf 6. | ||
| CVE-2026-24486 | — | < 0.8.3-r0 | 0.8.3-r0 | Jan 27, 2026 | Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attacker can write uploaded files to arbitrary locations on th | ||
| CVE-2026-0994 | Hig | 7.5 | < 0.8.3-r0 | 0.8.3-r0 | Jan 23, 2026 | A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling l | |
| CVE-2025-71176 | Med | 6.8 | < 0.9.2-r0 | 0.9.2-r0 | Jan 22, 2026 | pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possibly gain privileges. | |
| CVE-2026-24049 | — | < 0.8.3-r0 | 0.8.3-r0 | Jan 22, 2026 | wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the fil | ||
| CVE-2026-23949 | — | < 0.7.2-r1 | 0.7.2-r1 | Jan 20, 2026 | jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow atta | ||
| CVE-2026-23490 | — | < 0.7.2-r1 | 0.7.2-r1 | Jan 16, 2026 | pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2. | ||
| CVE-2026-21226 | — | < 0.7.2-r1 | 0.7.2-r1 | Jan 13, 2026 | Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network. | ||
| CVE-2026-22691 | — | < 0.7.2-r0 | 0.7.2-r0 | Jan 10, 2026 | pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for malformed startxref. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for invalid startxref entries. When rebuilding | ||
| CVE-2026-22690 | — | < 0.7.2-r0 | 0.7.2-r0 | Jan 10, 2026 | pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid f | ||
| CVE-2026-21441 | — | < 0.9.2-r0 | 0.9.2-r0 | Jan 7, 2026 | urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression b | ||
| CVE-2025-69230 | — | < 0.6.43-r1 | 0.6.43-r1 | Jan 5, 2026 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of w | ||
| CVE-2025-69229 | — | < 0.6.43-r1 | 0.6.43-r1 | Jan 5, 2026 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. If an application makes use of the request.read() method | ||
| CVE-2025-69228 | — | < 0.6.43-r1 | 0.6.43-r1 | Jan 5, 2026 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Requ | ||
| CVE-2025-69227 | — | < 0.6.43-r1 | 0.6.43-r1 | Jan 5, 2026 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled (-O or PYTHONOPTI | ||
| CVE-2025-69225 | — | < 0.6.43-r1 | 0.6.43-r1 | Jan 5, 2026 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploi |
- CVE-2025-14009Feb 18, 2026affected < 0.8.9-r0fixed 0.8.9-r0
A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip pack
- CVE-2026-25087Feb 17, 2026affected < 0.9.6-r4fixed 0.9.6-r4
Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file (but not an IPC stream) with pre-buffering enabled, if the IPC file contains data with variadic buffers (such as B
- CVE-2026-26013Feb 10, 2026affected < 0.8.3-r0fixed 0.8.3-r0
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.get_num_tokens_from_messages() method fetches arbitrary image_url values without validation when computing token counts for vision-enabled models. This allows attackers to t
- CVE-2026-26007Feb 10, 2026affected < 0.8.3-r0fixed 0.8.3-r0
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_ke
- CVE-2026-24688Jan 27, 2026affected < 0.8.3-r1fixed 0.8.3-r1
pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. This has been fixed in pypdf 6.
- CVE-2026-24486Jan 27, 2026affected < 0.8.3-r0fixed 0.8.3-r0
Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attacker can write uploaded files to arbitrary locations on th
- affected < 0.8.3-r0fixed 0.8.3-r0
A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling l
- affected < 0.9.2-r0fixed 0.9.2-r0
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possibly gain privileges.
- CVE-2026-24049Jan 22, 2026affected < 0.8.3-r0fixed 0.8.3-r0
wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the fil
- CVE-2026-23949Jan 20, 2026affected < 0.7.2-r1fixed 0.7.2-r1
jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow atta
- CVE-2026-23490Jan 16, 2026affected < 0.7.2-r1fixed 0.7.2-r1
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.
- CVE-2026-21226Jan 13, 2026affected < 0.7.2-r1fixed 0.7.2-r1
Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.
- CVE-2026-22691Jan 10, 2026affected < 0.7.2-r0fixed 0.7.2-r0
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for malformed startxref. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for invalid startxref entries. When rebuilding
- CVE-2026-22690Jan 10, 2026affected < 0.7.2-r0fixed 0.7.2-r0
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid f
- CVE-2026-21441Jan 7, 2026affected < 0.9.2-r0fixed 0.9.2-r0
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression b
- CVE-2025-69230Jan 5, 2026affected < 0.6.43-r1fixed 0.6.43-r1
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of w
- CVE-2025-69229Jan 5, 2026affected < 0.6.43-r1fixed 0.6.43-r1
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. If an application makes use of the request.read() method
- CVE-2025-69228Jan 5, 2026affected < 0.6.43-r1fixed 0.6.43-r1
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Requ
- CVE-2025-69227Jan 5, 2026affected < 0.6.43-r1fixed 0.6.43-r1
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled (-O or PYTHONOPTI
- CVE-2025-69225Jan 5, 2026affected < 0.6.43-r1fixed 0.6.43-r1
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploi
Page 4 of 6