VYPR

apk package

wolfi/open-webui

pkg:apk/wolfi/open-webui

Vulnerabilities (105)

  • CVE-2025-54121MedJul 21, 2025
    affected < 0.6.18-r1fixed 0.6.18-r1

    Starlette is a lightweight ASGI (Asynchronous Server Gateway Interface) framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files (greater than the default max spool size) starlette will bl

  • CVE-2025-48379Jul 1, 2025
    affected < 0.6.36-r0fixed 0.6.36-r0

    Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only aff

  • CVE-2025-50182Jun 19, 2025
    affected < 0.6.36-r0fixed 0.6.36-r0

    urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpReque

  • CVE-2025-3000Mar 31, 2025
    affected < 0.9.6-r5fixed 0.9.6-r5

    A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

  • CVE-2024-28219Apr 3, 2024
    affected < 0.6.36-r0fixed 0.6.36-r0

    In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

Page 6 of 6