7a0da7932b
Backwards Compatibility / Verify Encryption Constants (push) Waiting to run
Backwards Compatibility / PyPI Version Compatibility (push) Waiting to run
Backwards Compatibility / Database Migration Tests (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
CodeQL Advanced / Analyze (python) (push) Waiting to run
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-form] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-metrics] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-workflow] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [settings-core] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [settings-pages] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [history-news] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [library] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [link-analytics] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [mobile] (push) Blocked by required conditions
Docker Tests (Consolidated) / detect-changes (push) Waiting to run
Docker Tests (Consolidated) / Build Test Image (push) Waiting to run
Docker Tests (Consolidated) / All Pytest Tests + Coverage (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [accessibility] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [api-crud] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-login] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-pages] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-register] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [chat-core] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [chat-lifecycle] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [error-benchmark] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) (push) Blocked by required conditions
Docker Tests (Consolidated) / Accessibility Tests (push) Blocked by required conditions
Docker Tests (Consolidated) / LLM Unit Tests (push) Blocked by required conditions
Docker Tests (Consolidated) / LLM Example Tests (push) Blocked by required conditions
Docker Tests (Consolidated) / Production Image Smoke Test (push) Blocked by required conditions
Docker Tests (Consolidated) / Infrastructure Tests (push) Blocked by required conditions
OSSF Scorecard / OSSF Security Scorecard Analysis (push) Waiting to run
Create Release / test-gate (push) Blocked by required conditions
Create Release / release-gate (push) Blocked by required conditions
Create Release / ci-gate (push) Blocked by required conditions
Create Release / version-check (push) Waiting to run
Create Release / e2e-test-gate (push) Blocked by required conditions
Create Release / responsive-test-gate (push) Blocked by required conditions
Create Release / compat-test-gate (push) Blocked by required conditions
Create Release / compose-integration-gate (push) Blocked by required conditions
Create Release / vulture-gate (push) Blocked by required conditions
Create Release / build (push) Blocked by required conditions
Create Release / provenance (push) Blocked by required conditions
Create Release / prerelease-docker (push) Blocked by required conditions
Create Release / publish-docker (push) Blocked by required conditions
Create Release / create-release (push) Blocked by required conditions
Create Release / cleanup-changelog (push) Blocked by required conditions
Create Release / trigger-pypi (push) Blocked by required conditions
Create Release / monitor-pypi (push) Blocked by required conditions
Create Release / Clean up orphan prerelease tags and signatures (push) Blocked by required conditions
OSV-Scanner (Scheduled) / scan-scheduled (push) Failing after 0s
501 lines
34 KiB
YAML
501 lines
34 KiB
YAML
# Grype vulnerability ignore file
|
|
# Companion to .trivyignore — same suppression policy, different scanner.
|
|
# See: https://github.com/anchore/grype#specifying-matches-to-ignore
|
|
#
|
|
# Review Policy: All suppressions should be reviewed periodically.
|
|
# Last full review: 2026-04-17
|
|
|
|
ignore:
|
|
# ==========================================================================
|
|
# UNFIXABLE VULNERABILITIES — auto-ignored by fix state (no per-CVE entry).
|
|
# ==========================================================================
|
|
# Suppress only CVEs with NO available fix: Grype fix-state `not-fixed`
|
|
# (affected, no fix yet) and `wont-fix` (vendor declines to fix). This is the
|
|
# "no fix in Debian Trixie / won't-fix upstream" class we can't act on and
|
|
# were hand-listing CVE-by-CVE — it ends that treadmill.
|
|
#
|
|
# Vulnerabilities that CAN be fixed by a version upgrade (fix-state `fixed`)
|
|
# are deliberately NOT matched here, so they still surface and reach the gate
|
|
# — those are the actionable ones we want to see. `unknown` fix-state is also
|
|
# left visible. Severity cutoff is unchanged (still medium); this filters by
|
|
# fixability only, not by severity.
|
|
#
|
|
# Debian caveat: Grype maps Debian `<no-dsa>` to fix-state `wont-fix`
|
|
# (anchore/grype#386). Such CVEs can still get a later point-release fix —
|
|
# and when they do, Grype flips them to `fixed`, so they resurface here as
|
|
# upgradeable, exactly when we want them. Nothing permanently upgradeable is
|
|
# hidden; only the current no-fix window is muted.
|
|
# Ref: https://oss.anchore.com/docs/reference/grype/configuration/
|
|
- fix-state: not-fixed
|
|
- fix-state: wont-fix
|
|
|
|
# ==========================================================================
|
|
# DISPUTED CVEs (upstream and all major distros agree: not a security issue)
|
|
# ==========================================================================
|
|
|
|
# --- libc6/libc-bin (glibc) ---
|
|
- vulnerability: CVE-2019-1010022
|
|
reason: "Disputed by upstream glibc and all major distros. Mitigation bypass, not standalone vuln."
|
|
- vulnerability: CVE-2019-1010023
|
|
reason: "Library remapping via ldd. Upstream: not a security issue. Debian: unimportant."
|
|
- vulnerability: CVE-2019-1010024
|
|
reason: "ASLR bypass via thread stack cache. Upstream: not a security issue. Debian: unimportant."
|
|
- vulnerability: CVE-2019-1010025
|
|
reason: "ASLR bypass via heap addresses. Upstream: not a vulnerability. Debian: unimportant."
|
|
- vulnerability: CVE-2010-4756
|
|
reason: "POSIX glob resource limit. Debian: unimportant. Apps must impose own limits (by design)."
|
|
- vulnerability: CVE-2019-9192
|
|
reason: "Regex recursion with crafted pattern. Upstream disputes. Debian: unimportant."
|
|
- vulnerability: CVE-2018-20796
|
|
reason: "Regex recursion with crafted pattern. Upstream: not a vulnerability. Debian: unimportant."
|
|
|
|
# --- tar ---
|
|
- vulnerability: CVE-2005-2541
|
|
reason: "Disputed. Expected tar behavior (setuid/setgid preserved), not a bug. All distros: won't-fix."
|
|
|
|
# --- coreutils ---
|
|
- vulnerability: CVE-2017-18018
|
|
reason: "Upstream chose documentation-only fix. Container doesn't use chown -R -L."
|
|
|
|
# --- libglib2.0 ---
|
|
- vulnerability: CVE-2012-0039
|
|
reason: "Hash collision DoS in g_str_hash. Disputed by vendor. Debian: unimportant."
|
|
|
|
# --- systemd (libsystemd0/libudev1) ---
|
|
- vulnerability: CVE-2013-4392
|
|
reason: "Symlink attack in tmpfiles. Only relevant with SELinux. Debian: unimportant. No SELinux in container."
|
|
- vulnerability: CVE-2023-31437
|
|
reason: "Sealed journal log hiding. Disputed by upstream. Debian: unimportant."
|
|
- vulnerability: CVE-2023-31438
|
|
reason: "Sealed journal truncation bypass. Disputed by upstream. Debian: unimportant."
|
|
- vulnerability: CVE-2023-31439
|
|
reason: "Sealed journal event modification. Disputed by upstream. Debian: unimportant."
|
|
|
|
# --- shadow (passwd/login.defs) ---
|
|
- vulnerability: CVE-2007-5686
|
|
reason: "btmp file permissions (rPath Linux). Debian: unimportant. LOG_UNKFAIL_ENAB=no mitigates."
|
|
- vulnerability: CVE-2024-56433
|
|
reason: "Default subuid range overlap with network UIDs. Disputed minor issue. No NFS in container."
|
|
|
|
# --- perl ---
|
|
- vulnerability: CVE-2011-4116
|
|
reason: "File::Temp symlink handling. Debian: unimportant. No untrusted temp file ops."
|
|
|
|
# --- apt ---
|
|
- vulnerability: CVE-2011-3374
|
|
reason: "apt-key GPG validation. Not exploitable in Debian (no keyring URI defined). Debian: unimportant."
|
|
|
|
# ==========================================================================
|
|
# CHROMIUM (Playwright-bundled Chromium 145.0.7632.6)
|
|
# Fixes require 145.0.7632.45+ (DSA-6135-1) or 145.0.7632.109+ (DSA-6146-1).
|
|
# Will auto-resolve when Playwright 1.59 ships with Chromium 146.0.7680.0.
|
|
# Container runs headless Chrome for scraping only.
|
|
# ==========================================================================
|
|
- vulnerability: CVE-2026-3061
|
|
package: { name: chrome, type: binary }
|
|
reason: "OOB read in Media. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-3062
|
|
package: { name: chrome, type: binary }
|
|
reason: "OOB read/write in Tint (WebGPU). Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-3063
|
|
reason: "DevTools issue via malicious extension. Container runs headless for scraping."
|
|
- vulnerability: CVE-2026-2313
|
|
reason: "UAF in CSS. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2314
|
|
reason: "Heap overflow in Codecs. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2315
|
|
package: { name: chrome, type: binary }
|
|
reason: "Inappropriate impl in WebGPU. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2316
|
|
package: { name: chrome, type: binary }
|
|
reason: "Insufficient policy in Frames. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2317
|
|
package: { name: chrome, type: binary }
|
|
reason: "Inappropriate impl in Animation. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2318
|
|
package: { name: chrome, type: binary }
|
|
reason: "Inappropriate impl in PictureInPicture. Playwright 1.58 bundles pre-fix Chromium. Headless only."
|
|
- vulnerability: CVE-2026-2319
|
|
package: { name: chrome, type: binary }
|
|
reason: "Race condition in DevTools. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2320
|
|
package: { name: chrome, type: binary }
|
|
reason: "Inappropriate impl in File input. Playwright 1.58 bundles pre-fix Chromium. Headless only."
|
|
- vulnerability: CVE-2026-2321
|
|
reason: "UAF in Ozone. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2322
|
|
package: { name: chrome, type: binary }
|
|
reason: "Heap overflow in Codecs. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2323
|
|
package: { name: chrome, type: binary }
|
|
reason: "Inappropriate impl in Downloads. Playwright 1.58 bundles pre-fix Chromium. Headless only."
|
|
- vulnerability: CVE-2026-2441
|
|
reason: "UAF in CSS. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2648
|
|
reason: "Heap overflow in PDFium. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2649
|
|
package: { name: chrome, type: binary }
|
|
reason: "Integer overflow in V8. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
- vulnerability: CVE-2026-2650
|
|
package: { name: chrome, type: binary }
|
|
reason: "Heap overflow in Media. Playwright 1.58 bundles pre-fix Chromium. Headless scraping only."
|
|
|
|
# ==========================================================================
|
|
# NODE.JS (patchright-bundled Node 24.16.0 at patchright/driver/node)
|
|
# All fixed in Node 24.17.0 (2026-06-18 security release). patchright 1.61.2
|
|
# (latest on PyPI as of 2026-07-09) predates the fix and bundles Node 24.16.0.
|
|
# patchright is a transitive dep of crawl4ai; the driver/node binary is not
|
|
# invoked in the default configuration (web.enable_javascript_rendering
|
|
# defaults to false), and the production image does not install
|
|
# Playwright/patchright browsers (see Dockerfile note at the ldr stage), so
|
|
# the bundled driver/node is dead weight. Auto-resolves when patchright ships
|
|
# a rebuild with Node 24.17.0+.
|
|
# Severities in the reasons below are the Node.js/GHSA vendor CVSS ratings.
|
|
# GitHub's Grype alerts show NVD's context-free auto-scores for some of
|
|
# them (CVE-2026-48930 "Critical" 9.8, CVE-2026-48615 / -48619 "High" 7.5);
|
|
# the vendor ratings are the authoritative ones — the suppressions are not
|
|
# downplaying the alerts.
|
|
# Entries are scoped to the bundled binary (package: node, type: binary) —
|
|
# matching the Chromium block above — so the same CVE ID on an unrelated
|
|
# future node package would not be silently suppressed.
|
|
# (The earlier Node 24.13.0 entries — CVE-2026-21710 / -21712..-21717 — were
|
|
# fixed in Node 24.14.1, which the bundled 24.15.0/24.16.0 supersedes, so
|
|
# they no longer match and were removed.)
|
|
# ==========================================================================
|
|
- vulnerability: CVE-2026-48933
|
|
package: { name: node, type: binary }
|
|
reason: "High WebCrypto AES DoS (subtle.encrypt() input multiple of 2 GiB crashes the process) in Node <24.17.0. Browser-driver node is not invoked in default config. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48618
|
|
package: { name: node, type: binary }
|
|
reason: "High TLS wildcard-depth authentication bypass via unicode dot-separator normalisation mismatch in Node <24.17.0. Browser-driver node is not invoked in default config. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48615
|
|
package: { name: node, type: binary }
|
|
reason: "Medium proxy-credentials leak in ERR_PROXY_TUNNEL error messages in Node <24.17.0. Browser-driver node is never launched with proxy URLs. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48619
|
|
package: { name: node, type: binary }
|
|
reason: "Medium HTTP/2 client OOM via attacker-controlled ORIGIN frames in Node <24.17.0. Exploitable only when the node process is an HTTP/2 client against an attacker-positioned server; browser-driver node never acts as one. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48928
|
|
package: { name: node, type: binary }
|
|
reason: "Medium mTLS authorisation bypass via case-sensitive SNI context matching in Node <24.17.0. Browser-driver node is not invoked in default config. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48930
|
|
package: { name: node, type: binary }
|
|
reason: "Medium TLS hostname rebinding via embedded-NUL C-string truncation in resolver bindings in Node <24.17.0. Browser-driver node is not invoked in default config. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48934
|
|
package: { name: node, type: binary }
|
|
reason: "Medium TLS host-identity verification bypass via session reuse with different servername in Node <24.17.0. Browser-driver node is not invoked in default config. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48935
|
|
package: { name: node, type: binary }
|
|
reason: "Low Permission Model bypass via FileHandle.utimes() promises API in Node <24.17.0. Requires --permission opt-in; browser-driver node is never launched with it. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
- vulnerability: CVE-2026-48937
|
|
package: { name: node, type: binary }
|
|
reason: "Medium HTTP/2 server DoS (server keeps accepting data after GOAWAY/RST) in Node <24.17.0. Exploitable only against a running Node.js HTTP/2 server; patchright's browser-driver node never starts one. Patchright-bundled driver/node 24.16.0; not invoked in default config."
|
|
- vulnerability: CVE-2026-48617
|
|
package: { name: node, type: binary }
|
|
reason: "Low Permission Model bypass via process.report.writeReport() in Node <24.17.0. Requires the process to opt into Node's experimental --permission model; the browser-driver node is never launched with it. Patchright-bundled driver/node 24.16.0; not invoked in default config."
|
|
- vulnerability: CVE-2026-48931
|
|
package: { name: node, type: binary }
|
|
reason: "Low (CVSS 3.7) TOCTOU race in Node's http.Agent (HTTP response queue poisoning) in Node <24.17.0. Exploitable only when the node process acts as an HTTP client against an attacker-positioned server; patchright's browser-driver node is not invoked in default config. Patchright-bundled driver/node 24.16.0; fixed in Node 24.17.0."
|
|
|
|
# ==========================================================================
|
|
# CPYTHON (base-image binary /usr/local/bin/python3.14)
|
|
# The binary-cataloged CPython is matched via NVD CPE data, which carries
|
|
# no fix information, so Grype reports its fix-state as "unknown" — the
|
|
# fix-state: not-fixed auto-rule at the top of this file deliberately does
|
|
# NOT hide unknown, so an explicit entry is needed (empirically confirmed:
|
|
# the 2026-07-11 release-gate scan still flagged it with the auto-rule
|
|
# active, contrary to the assumption in PR #5032).
|
|
# ==========================================================================
|
|
- vulnerability: CVE-2026-4360
|
|
package: { name: python, type: binary }
|
|
reason: "Low tarfile uid/gid extraction-filter gap (GHSA-gf2w-jqmq-fcm8). No fixed release exists yet: Python 3.14.7 is scheduled 2026-08-04 (PEP 745). NVD-CPE binary match carries fix-state unknown, so the not-fixed auto-rule misses it. Remove when the base image ships Python 3.14.7+."
|
|
- vulnerability: CVE-2026-15308
|
|
package: { name: python, type: binary }
|
|
reason: "High (PSF CVSS4 8.7 / NVD 7.5) html.parser quadratic CPU DoS needing unterminated constructs across many incremental feed() calls (PSF-2026-33). Not reachable: all html.parser use is single-shot BeautifulSoup feed(markup); lxml uses libxml2. No fixed release yet: 3.14.7 due 2026-08-04 (PEP 745). NVD-CPE binary match has fix-state unknown. Remove when the base image ships 3.14.7+."
|
|
|
|
# ==========================================================================
|
|
# NO FIX AVAILABLE IN DEBIAN TRIXIE
|
|
# ==========================================================================
|
|
|
|
# --- libc6/libc-bin (needs glibc >=2.43, some >=2.44; Trixie has 2.41) ---
|
|
- vulnerability: CVE-2026-0861
|
|
reason: "Heap overflow in memalign. Needs glibc 2.43, Trixie has 2.41. Debian no-dsa."
|
|
- vulnerability: CVE-2026-0915
|
|
reason: "NSS DNS info disclosure. Needs glibc 2.43, Trixie has 2.41. Debian no-dsa."
|
|
- vulnerability: CVE-2025-15281
|
|
reason: "wordexp uninitialized memory. Needs glibc 2.43, Trixie has 2.41. Debian no-dsa."
|
|
- vulnerability: CVE-2026-4046
|
|
reason: "High CVE in libc6/libc-bin glibc 2.41. Debian trixie postponed (minor; revisit when upstream fixes). No fix in trixie or sid yet."
|
|
- vulnerability: CVE-2026-5358
|
|
reason: "Buffer overflow in obsolete nis_local_principal. NIS deprecated since glibc 2.26. Needs glibc 2.44, Trixie has 2.41. Container does not use NIS."
|
|
- vulnerability: CVE-2026-5450
|
|
reason: "One-byte heap overflow in scanf %mc with width>1024. Needs glibc 2.44, Trixie has 2.41. Python never calls scanf with such format strings. Debian bug #1134543."
|
|
- vulnerability: CVE-2026-5928
|
|
reason: "Buffer under-read in ungetwc on wrong buffer pointer. Needs glibc 2.44, Trixie has 2.41. Info disclosure requires non-Unicode encodings; Python does not call ungetwc directly. Debian bug #1134544."
|
|
- vulnerability: CVE-2026-5435
|
|
reason: "Buffer overflow in deprecated ns_sprintrrf TSIG handling. Needs glibc 2.43, Trixie has 2.41. Debian no-dsa. Container never calls deprecated DNS print functions."
|
|
- vulnerability: CVE-2026-6238
|
|
reason: "Buffer overread in deprecated ns_printrrf RDATA validation. Needs glibc 2.43, Trixie has 2.41. Debian no-dsa. Container never calls deprecated DNS print functions."
|
|
|
|
# --- libtiff6 (transitive dep via libgdk-pixbuf for WeasyPrint) ---
|
|
# Fix in 4.7.1-1 (sid only), Trixie has 4.7.0-3+deb13u1
|
|
- vulnerability: CVE-2025-61144
|
|
reason: "Stack overflow in readSeparateStripsIntoBuffer. Debian: no security impact. Sid only."
|
|
- vulnerability: CVE-2025-8176
|
|
reason: "Crash in tiffmedian CLI tool, no security impact. Not backported to Trixie."
|
|
- vulnerability: CVE-2025-8177
|
|
reason: "Crash in thumbnail CLI tool, no security impact. Not backported to Trixie."
|
|
- vulnerability: CVE-2025-61145
|
|
reason: "Double free in tiffcrop CLI tool, no security impact. Not backported to Trixie."
|
|
- vulnerability: CVE-2025-61143
|
|
reason: "NULL deref in tif_open.c CLI tool, no security impact. Not backported to Trixie."
|
|
- vulnerability: CVE-2017-16232
|
|
reason: "Memory leak DoS in libtiff. Upstream won't fully fix. Debian: unimportant."
|
|
- vulnerability: CVE-2018-10126
|
|
reason: "NULL deref in tiff2pdf via libjpeg. Debian: unimportant. CLI tool crash only."
|
|
- vulnerability: CVE-2022-1210
|
|
reason: "DoS in tiff2ps CLI tool. Debian: no-dsa. CLI tool crash only."
|
|
- vulnerability: CVE-2025-8534
|
|
reason: "NULL deref in tiff2ps. Debian: unimportant. CLI tool crash, fixed in sid 4.7.1-1."
|
|
- vulnerability: CVE-2026-4775
|
|
reason: "High vuln in libtiff6. Transitive dep via libgdk-pixbuf for WeasyPrint. No fix in Trixie yet."
|
|
|
|
# --- libjbig0 (jbigkit) ---
|
|
- vulnerability: CVE-2017-9937
|
|
reason: "JBIG memory alloc failure. Debian: unimportant. Actually a jbigkit bug, not libtiff."
|
|
|
|
# --- libcairo2 ---
|
|
- vulnerability: CVE-2017-7475
|
|
reason: "NULL deref in FT_Load_Glyph. Debian: minor/ignored. Crash only, no security impact."
|
|
- vulnerability: CVE-2018-18064
|
|
reason: "OOB stack write via WebKitGTK+. Upstream: negligible. Debian: unimportant."
|
|
- vulnerability: CVE-2025-50422
|
|
reason: "Assertion failure in font handling. Debian trixie no-dsa. Crash, no security impact."
|
|
|
|
# --- libexpat1 ---
|
|
- vulnerability: CVE-2025-59375
|
|
reason: "Memory amplification via small XML. Needs expat 2.7.2, Trixie has 2.7.1. Debian no-dsa."
|
|
- vulnerability: CVE-2025-66382
|
|
reason: "2 MiB XML causes DoS via slow parsing. Debian: minor, postponed. Needs expat >2.7.3."
|
|
- vulnerability: CVE-2026-24515
|
|
reason: "External entity parser missing encoding handler copy. Debian trixie no-dsa. Sid 2.7.4-1."
|
|
- vulnerability: CVE-2026-25210
|
|
reason: "Integer overflow in doContent tag buffer realloc. Debian trixie no-dsa. Sid 2.7.4-1."
|
|
- vulnerability: CVE-2026-32776
|
|
reason: "NULL deref in empty external parameter entity. Needs expat 2.7.5, not in Trixie or sid. DoS only (CVSS 4.0). API XML uses defusedxml; XML upload uses lxml/libxml2 (not expat)."
|
|
- vulnerability: CVE-2026-32777
|
|
reason: "Infinite loop in DTD parsing. Needs expat 2.7.5, not in Trixie or sid. Local attack vector, DoS only (CVSS 4.0). API XML uses defusedxml; XML upload uses lxml/libxml2 (not expat)."
|
|
- vulnerability: CVE-2026-32778
|
|
reason: "NULL deref in setContext after OOM. Needs expat 2.7.5, not in Trixie or sid. CNA CVSS 2.9 Low / NIST CVSS 5.5 Medium. Requires OOM precondition."
|
|
- vulnerability: CVE-2026-50219
|
|
reason: "UAF via reentrant parser calls from handlers in expat <2.8.2. Unfixed upstream and in sid (Debian bug 1138862). API XML uses defusedxml; XML upload uses lxml/libxml2 (not expat)."
|
|
# libexpat <2.8.2 integer-overflow batch. Fixed upstream in expat 2.8.2
|
|
# (released 2026-06-25) but not yet packaged in Debian trixie (2.7.1-2) or
|
|
# sid (2.8.1-1) — both still vulnerable, nothing to apt-upgrade to. These
|
|
# overflows fire during normal attribute/namespace/CDATA parsing, so
|
|
# defusedxml's entity/DTD hardening does NOT mitigate them; the real
|
|
# mitigation is that expat only parses TLS-fetched XML from hardcoded trusted
|
|
# upstreams — arXiv (export.arxiv.org, via the `arxiv` lib's feedparser ->
|
|
# xml.sax -> expat) and PubMed/NCBI (eutils.ncbi.nlm.nih.gov, via
|
|
# defusedxml). No attacker-controlled XML reaches expat; document uploads
|
|
# use lxml/libxml2, not expat. NVD: AV:L, medium.
|
|
- vulnerability: CVE-2026-56403
|
|
reason: "Integer overflow in storeAtts (attribute parsing), expat <2.8.2. Trixie 2.7.1-2 / sid 2.8.1-1 vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian. Expat parses only TLS-fetched trusted arXiv/PubMed XML; uploads use lxml not expat. AV:L medium."
|
|
- vulnerability: CVE-2026-56404
|
|
reason: "Integer overflow in addBinding (namespace binding), expat <2.8.2. Trixie 2.7.1-2 / sid 2.8.1-1 vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian. Expat parses only TLS-fetched trusted arXiv/PubMed XML; uploads use lxml not expat. AV:L medium."
|
|
- vulnerability: CVE-2026-56405
|
|
reason: "Integer overflow in getAttributeId, expat <2.8.2. Trixie 2.7.1-2 / sid 2.8.1-1 vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian. Expat parses only TLS-fetched trusted arXiv/PubMed XML; uploads use lxml not expat. AV:L medium."
|
|
- vulnerability: CVE-2026-56406
|
|
reason: "Integer overflow in XML_ParseBuffer (missing length check), expat <2.8.2. Trixie 2.7.1-2 / sid 2.8.1-1 vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian. Expat parses only TLS-fetched trusted arXiv/PubMed XML; uploads use lxml not expat. AV:L medium."
|
|
- vulnerability: CVE-2026-56407
|
|
reason: "Integer overflow in doProlog (storeEntityValue), expat <2.8.2. Trixie 2.7.1-2 / sid 2.8.1-1 vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian. Expat parses only TLS-fetched trusted arXiv/PubMed XML; uploads use lxml not expat. AV:L medium."
|
|
- vulnerability: CVE-2026-56408
|
|
reason: "Integer overflow in copyString, expat <2.8.2. Trixie 2.7.1-2 / sid 2.8.1-1 vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian. Expat parses only TLS-fetched trusted arXiv/PubMed XML; uploads use lxml not expat. AV:L medium."
|
|
- vulnerability: CVE-2026-56412
|
|
reason: "UAF in doCdataSection (missing XML_TOK_DATA_CHARS check; incomplete fix for CVE-2026-50219), expat <2.8.2. Trixie 2.7.1-2 / sid 2.8.1-1 vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian. Expat parses only TLS-fetched trusted arXiv/PubMed XML; uploads use lxml not expat. AV:L medium."
|
|
# CVE-2026-56409/-56410/-56411 are in the xmlwf CLI tool, which ships in the
|
|
# `expat` package (not the installed libexpat1 runtime) and is never invoked
|
|
# in this container — no runtime attack surface.
|
|
- vulnerability: CVE-2026-56409
|
|
reason: "Integer overflow in the xmlwf CLI tool (-d outputDir output filename), expat <2.8.2. Bug is in the xmlwf binary, not the libexpat1 runtime, and xmlwf is never invoked in this container. Trixie/sid vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian."
|
|
- vulnerability: CVE-2026-56410
|
|
reason: "Integer overflow in the xmlwf CLI tool (resolveSystemId), expat <2.8.2. Bug is in the xmlwf binary, not the libexpat1 runtime, and xmlwf is never invoked in this container. Trixie/sid vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian."
|
|
- vulnerability: CVE-2026-56411
|
|
reason: "Integer overflow in the xmlwf CLI tool (endDoctypeDecl via NOTATION declarations), expat <2.8.2. Bug is in the xmlwf binary, not the libexpat1 runtime, and xmlwf is never invoked in this container. Trixie/sid vulnerable; expat 2.8.2 (2026-06-25) not yet in Debian."
|
|
|
|
# --- libgraphite2-3 (font shaping, transitive via harfbuzz for WeasyPrint) ---
|
|
- vulnerability: CVE-2026-50593
|
|
reason: "Integer underflow OOB write via crafted Graphite font actions. Fixed in graphite2 1.3.15 (forky/sid only); Trixie 1.3.14 no-dsa (point-release candidate). WeasyPrint renders app-generated HTML with trusted fonts only."
|
|
|
|
# --- perl-base ---
|
|
- vulnerability: CVE-2026-7010
|
|
reason: "CRLF header injection in HTTP::Tiny <0.093. Fixed in perl 5.40.1-8 (sid only); Trixie 5.40.1-6 no-dsa. perl-base is a dpkg essential package; container runs no perl HTTP clients."
|
|
|
|
# --- libxml2 ---
|
|
# CVE-2026-6653 (high): UAF in xmlParseInternalSubset (XML internal-DTD
|
|
# parameter entities), affects 2.9.11-2.11.0; Trixie's 2.9.14 base is
|
|
# vulnerable with no backport (fixed only in sid/forky 2.15.x). NOT REACHABLE
|
|
# in this image: the flagged system libxml2 (2.9.14) is present but UNUSED.
|
|
# All XML/HTML parsing goes through lxml, which statically bundles its own
|
|
# libxml2 2.14.x — past the 2.11.0 fix (verified: etree.LIBXML_VERSION is
|
|
# (2,14,6) and lxml's etree.so has no libxml2.so in `ldd`; pdm.lock pins
|
|
# manylinux lxml wheels). The Python stdlib XML uses expat, not libxml2.
|
|
# A build-time assertion in the Dockerfile (after `pdm install`) fails the
|
|
# build if lxml ever ends up linked against a pre-2.11 libxml2 (e.g. an sdist
|
|
# fallback against the system lib), so a vulnerable parser can never ship.
|
|
- vulnerability: CVE-2026-6653
|
|
reason: "High UAF in xmlParseInternalSubset (libxml2 2.9.11-2.11.0); Trixie 2.9.14 vulnerable, no backport (fixed in sid/forky 2.15.x). NOT reachable: system libxml2 present but unused — all XML parsing uses lxml's bundled libxml2 2.14.x (verified; manylinux wheels), stdlib uses expat. A Dockerfile assertion blocks any pre-2.11 lxml. DoS-primary, CVSS 4.0 7.0."
|
|
- vulnerability: CVE-2026-1757
|
|
reason: "Memory leak in xmllint CLI shell. Negligible impact. Debian: unimportant. No xmllint usage."
|
|
- vulnerability: CVE-2025-8732
|
|
reason: "Recursion in xmlParseSGMLCatalog. Debian: unimportant. SGML catalogs obsolete, no usage."
|
|
- vulnerability: CVE-2026-0989
|
|
reason: "RelaxNG nested include stack exhaustion. Debian trixie no-dsa. No RelaxNG usage."
|
|
- vulnerability: CVE-2026-0990
|
|
reason: "Self-referencing XML catalog recursion. Debian trixie no-dsa. No untrusted catalogs."
|
|
- vulnerability: CVE-2026-0992
|
|
reason: "Repeated nextCatalog CPU exhaustion. Debian trixie no-dsa. No untrusted XML catalogs."
|
|
|
|
# --- libglib2.0 ---
|
|
- vulnerability: CVE-2026-0988
|
|
reason: "Integer overflow in g_buffered_input_stream_peek. Debian trixie no-dsa. Sid 2.87.2-3."
|
|
- vulnerability: CVE-2026-1484
|
|
reason: "Base64 encoding integer overflow on large inputs. Debian trixie no-dsa. Sid 2.86.3-5."
|
|
- vulnerability: CVE-2026-1485
|
|
reason: "Buffer underflow in content-type parsing. Debian trixie no-dsa. Sid 2.86.3-5."
|
|
- vulnerability: CVE-2026-1489
|
|
reason: "Integer overflow in Unicode case conversion. Debian trixie no-dsa. Sid 2.86.3-5."
|
|
|
|
# --- systemd (libsystemd0/libudev1) ---
|
|
- vulnerability: CVE-2026-4105
|
|
reason: "systemd-machined D-Bus privilege escalation. Not exploitable: container has no systemd/D-Bus. Needs 260~rc3-1, Trixie has 257.9-1~deb13u1."
|
|
- vulnerability: CVE-2026-29111
|
|
reason: "Vuln in libsystemd0/libudev1. No fix in Trixie. Container has no systemd runtime."
|
|
- vulnerability: CVE-2026-40225
|
|
reason: "udev local root exec via malicious hardware with unsanitized kernel output. Trixie 257.9-1~deb13u1 vulnerable; fix in 257.12/257.13 not backported. Container has no systemd/udev runtime, no hardware access."
|
|
- vulnerability: CVE-2026-40226
|
|
reason: "systemd-nspawn escape-to-host via crafted optional config file. Trixie 257.9-1~deb13u1 vulnerable; fix not yet in Trixie. Container does not run systemd-nspawn."
|
|
- vulnerability: CVE-2026-40228
|
|
reason: "systemd-journald unintended output to user terminals via logger. Low severity (CVSS 2.9). Trixie 257.9-1~deb13u1 vulnerable; no fix available. Container has no journald/interactive terminals."
|
|
|
|
# --- util-linux (mount, login, libuuid1, etc.) ---
|
|
- vulnerability: CVE-2022-0563
|
|
reason: "chfn/chsh INPUTRC leak. Debian disables chfn-chsh in util-linux. Not exploitable."
|
|
- vulnerability: CVE-2025-14104
|
|
reason: "Heap overread in setpwnam with 256-byte usernames. Debian trixie no-dsa. Sid 2.41.3-4."
|
|
- vulnerability: CVE-2026-3184
|
|
reason: "Hostname canonicalization access-control bypass. Debian trixie no-dsa."
|
|
- vulnerability: CVE-2026-27456
|
|
reason: "util-linux low-severity CVE. Debian trixie no-dsa. No fix available."
|
|
|
|
# --- libpng ---
|
|
- vulnerability: CVE-2021-4214
|
|
reason: "Heap overflow in pngimage CLI tool. Debian: unimportant. CLI tool only, not in library."
|
|
- vulnerability: CVE-2026-34757
|
|
reason: "UAF in png_set_PLTE/tRNS/hIST leading to heap disclosure. Trixie 1.6.48-1+deb13u4 vulnerable; fix in libpng 1.6.57-1 (sid only). Used transitively via libgdk-pixbuf for WeasyPrint PDF rendering on trusted PNGs."
|
|
|
|
# --- libcap2 ---
|
|
- vulnerability: CVE-2026-4878
|
|
reason: "TOCTOU race in cap_set_file. Trixie 1:2.75-10+b8 vulnerable; fix in libcap 1:2.78-1 (sid/forky only). Container never calls cap_set_file; capabilities are set once via setpriv in entrypoint."
|
|
|
|
# --- tar ---
|
|
- vulnerability: CVE-2026-5704
|
|
reason: "Path-traversal hidden-file injection via crafted archive. Trixie 1.35+dfsg-3.1 vulnerable; Debian marks <no-dsa>, no fix yet. Container does not extract untrusted tar archives at runtime."
|
|
|
|
# --- sqlite ---
|
|
- vulnerability: CVE-2021-45346
|
|
reason: "Memory leak via crafted SQL on corrupt DB. Debian: unimportant. Negligible impact."
|
|
- vulnerability: CVE-2025-7709
|
|
reason: "FTS5 tombstone integer overflow. Debian trixie no-dsa. Sid 3.46.1-9."
|
|
- vulnerability: CVE-2025-70873
|
|
reason: "Info disclosure in zipfileInflate. Python sqlite3 module does not load zipfile extension. Not exploitable."
|
|
|
|
# --- ncurses ---
|
|
- vulnerability: CVE-2025-6141
|
|
reason: "Stack overflow in termcap postprocessing. Debian trixie no-dsa. Sid 6.6+20251231-1."
|
|
- vulnerability: CVE-2025-69720
|
|
reason: "Low vuln in ncurses 6.5+20250216-2 (ncurses-bin, ncurses-base, libncursesw6, libtinfo6). No fix in Trixie."
|
|
|
|
# --- pixman ---
|
|
- vulnerability: CVE-2023-37769
|
|
reason: "FPE in stress-test tool. Debian: unimportant. Crash in test tool, no security impact."
|
|
|
|
# --- python3.14 (base image python:3.14.6-slim) ---
|
|
# 3.14.5 fixed CVE-2026-6100, -4786, -1502, -6019; 3.14.6 (2026-06-11)
|
|
# fixed CVE-2026-8328, -9669, -7774, -3276 — those entries were removed.
|
|
# The entries below remain unfixed upstream (no CPython release has them).
|
|
#
|
|
# NOTE on Grype DB lag: Grype matches the python *binary* against NVD/CPE
|
|
# ranges, which can trail an upstream patch release by days to weeks. A
|
|
# CVE that the Debian tracker shows as fixed in the installed CPython can
|
|
# therefore still be flagged right after a base-image bump. Dismiss those
|
|
# alerts via the code-scanning API as false positives (they self-heal
|
|
# when the DB updates) instead of adding entries here — a suppression in
|
|
# this file would silently outlive the DB lag it papered over.
|
|
- vulnerability: CVE-2025-12781
|
|
reason: "base64 altchars accepts +/ regardless. Debian: minor. No alt-alphabet base64 usage."
|
|
- vulnerability: CVE-2025-15366
|
|
reason: "imaplib newline injection. Debian trixie no-dsa. No IMAP usage in container."
|
|
- vulnerability: CVE-2025-15367
|
|
reason: "poplib newline injection. Debian trixie no-dsa. No POP3 usage in container."
|
|
- vulnerability: CVE-2025-13462
|
|
reason: "tarfile AREGTYPE/DIRTYPE normalization in multi-block members. Low (CVSS 2.0). No untrusted tar extraction."
|
|
|
|
# --- coreutils ---
|
|
- vulnerability: CVE-2025-5278
|
|
reason: "Heap underread in sort CLI tool. Debian: unimportant. Crash only, no security impact."
|
|
|
|
# --- zlib ---
|
|
- vulnerability: CVE-2026-27171
|
|
reason: "CPU loop in crc32_combine. Needs zlib 1.3.2, Trixie has 1.3.1. Debian trixie no-dsa."
|
|
|
|
# --- liblzma5 (xz-utils) ---
|
|
- vulnerability: CVE-2026-34743
|
|
reason: "Buffer overflow in lzma_index_decoder when decoding Index with no Records. Trixie 5.8.1-1 vulnerable; fix in xz-utils 5.8.3-1 (sid only). Debian <no-dsa>, minor. Container decompresses .xz streams from trusted sources only (pypandoc/unstructured)."
|
|
|
|
# --- libfreetype6 ---
|
|
- vulnerability: CVE-2026-23865
|
|
reason: "Integer overflow OOB read in variable font parsing. Needs freetype 2.14.2, not in sid. Debian trixie no-dsa."
|
|
|
|
# --- openssl (libssl3t64, openssl-provider-legacy) ---
|
|
- vulnerability: CVE-2026-2673
|
|
reason: "Algorithm downgrade in OpenSSL 3.5/3.6. Low severity. Trixie no-dsa. Awaiting OpenSSL 3.5.6."
|
|
|
|
# --- harfbuzz ---
|
|
- vulnerability: CVE-2026-22693
|
|
reason: "NULL deref on malloc failure in SubtableUnicodesCache. Debian trixie no-dsa. Sid 12.3.2."
|
|
|
|
# --- nltk (transitive dep, never imported — no fix available, 3.9.3 is latest) ---
|
|
- vulnerability: GHSA-jm6w-m3j8-898g
|
|
package: { name: nltk }
|
|
reason: "High vuln in nltk 3.9.3 (Zip Slip in downloader). Transitive dep; project never calls nltk.download(). No fix released."
|
|
- vulnerability: GHSA-rf74-v2fm-23pw
|
|
package: { name: nltk }
|
|
reason: "Medium vuln in nltk 3.9.3. Transitive dep; nltk never imported or used directly. No fix released."
|
|
- vulnerability: GHSA-gfwx-w7gr-fvh7
|
|
package: { name: nltk }
|
|
reason: "Medium vuln in nltk 3.9.3. Transitive dep; nltk never imported or used directly. No fix released."
|
|
|
|
# --- torch (transitive dep for local embeddings — no fix available) ---
|
|
- vulnerability: GHSA-rrmf-rvhw-rf47
|
|
package: { name: torch }
|
|
reason: "Low-severity memory corruption via torch.jit.script. No patched release (all <=2.12.0 affected). The codebase never calls torch.jit.script and does not load untrusted TorchScript."
|
|
|
|
# --- libc6/libc-bin (glibc DNS spec violations, no fix anywhere incl. sid) ---
|
|
- vulnerability: CVE-2026-4437
|
|
reason: "gethostbyaddr DNS response parsing treats non-answer section as answer. Needs glibc >2.43, Trixie has 2.41. Debian no-dsa."
|
|
- vulnerability: CVE-2026-4438
|
|
reason: "gethostbyaddr returns invalid DNS hostname. Needs glibc >2.43, Trixie has 2.41. Debian no-dsa."
|
|
|
|
# --- pygments ---
|
|
- vulnerability: GHSA-5239-wwwm-4pmq
|
|
package: { name: pygments }
|
|
reason: "Low vuln in pygments 2.19.2. No fix released yet."
|
|
|
|
# --- dpkg ---
|
|
- vulnerability: CVE-2026-2219
|
|
reason: "High vuln in dpkg 1.22.22. No fix in Trixie yet. Base image python:3.14-slim ships this version."
|
|
|
|
# --- sed (GNU sed from Debian base image python:3.14.6-slim) ---
|
|
- vulnerability: CVE-2026-5958
|
|
reason: "Low CVE in GNU sed from base image. No public info — may be very new, disputed, or not yet indexed. sed not explicitly installed in Dockerfile; comes from the python slim base image. Container does not process untrusted input with sed. No fix in Trixie."
|