Skip to main content

plugin_daemon_local Security Scan

View Release Notes
Securityv3.9.2Generated 2026-04-28 05:24:20 UTC
Critical
Clean
High
12 found
Scan Date
Apr 28, 2026

Scanner: Docker Scout

Critical vulnerabilities: 2

High vulnerabilities: 2

Medium vulnerabilities: 11

Critical

CVEPackageInstalledFixedDescription
CVE-2026-33815v55.5.55.9.0CVE-2026-33815
CVE-2026-33816v55.5.55.9.0CVE-2026-33816: Improper Input Validation

High

CVEPackageInstalledFixedDescription
CVE-2026-39883sdk1.41.01.43.0CVE-2026-39883: Untrusted Search Path
CVE-2026-34986v44.1.34.1.4CVE-2026-34986: Uncaught Exception

Medium

CVEPackageInstalledFixedDescription
CVE-2026-25934v55.16.25.16.5CVE-2026-25934: Improper Validation of Integrity Check Value
CVE-2026-25645requests2.32.52.33.0CVE-2026-25645: Insecure Temporary File
CVE-2026-3219pip26.0.1not fixedCVE-2026-3219: Unrestricted Upload of File with Dangerous Type
GHSA-3xc5-wrhm-f963v55.16.25.18.0GHSA-3xc5-wrhm-f963: Insufficiently Protected Credentials
CVE-2026-34165v55.16.25.17.1CVE-2026-34165: Integer Underflow (Wrap or Wraparound)
CVE-2026-39882otlpmetrichttp1.41.01.43.0CVE-2026-39882: Memory Allocation with Excessive Size Value
CVE-2026-39882otlpmetrichttp1.41.01.43.0CVE-2026-39882: Memory Allocation with Excessive Size Value
CVE-2023-49092rsa0.9.10not fixedCVE-2023-49092
CVE-2025-1386ch-go0.61.50.65.0CVE-2025-1386: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
GHSA-xmrv-pmrh-hhx2eventstream1.6.101.7.8GHSA-xmrv-pmrh-hhx2: Improper Input Validation
GHSA-xmrv-pmrh-hhx2eventstream1.6.101.7.8GHSA-xmrv-pmrh-hhx2: Improper Input Validation
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.