Skip to main content
Dify Logo/Enterprise

plugin_build_base_py314 Security Scan

View Release Notes
Securityv3.9.1Generated 2026-04-15 07:58:45 UTC
Critical
28 found
High
112 found
Scan Date
Apr 15, 2026

Scanner: Docker Scout

Critical vulnerabilities: 5

High vulnerabilities: 7

Critical

CVEPackageInstalledFixedDescription
CVE-2026-34872mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-34872
CVE-2026-34873mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-34873
CVE-2026-6100python3.133.13.5-2not fixedCVE-2026-6100
CVE-2026-34875mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-34875
CVE-2026-34877mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-34877

High

CVEPackageInstalledFixedDescription
CVE-2026-24049wheel0.45.10.46.2CVE-2026-24049: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-25833mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-25833
CVE-2026-27135nghttp21.64.0-1.1not fixedCVE-2026-27135
CVE-2026-34874mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-34874
CVE-2026-34876mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-34876
CVE-2026-25835mbedtls3.6.5-0.1~deb13u1not fixedCVE-2026-25835
CVE-2026-40393mesa25.0.7-2not fixedCVE-2026-40393
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.
Documentation
Support
Contact