Skip to main content

web Security Scan

View Release Notes
Securityv3.9.2Generated 2026-04-28 05:24:20 UTC
Critical
Clean
High
12 found
Scan Date
Apr 28, 2026

Scanner: Docker Scout

Critical vulnerabilities: 0

High vulnerabilities: 4

Medium vulnerabilities: 3

Critical

No critical vulnerabilities found.

High

CVEPackageInstalledFixedDescription
CVE-2026-41672xmldom0.8.120.8.13CVE-2026-41672: XML Injection (aka Blind XPath Injection)
CVE-2026-41673xmldom0.8.120.8.13CVE-2026-41673: Uncontrolled Recursion
CVE-2026-41674xmldom0.8.120.8.13CVE-2026-41674: XML Injection (aka Blind XPath Injection)
CVE-2026-41675xmldom0.8.120.8.13CVE-2026-41675: XML Injection (aka Blind XPath Injection)

Medium

CVEPackageInstalledFixedDescription
CVE-2025-25285endpoint9.0.610.1.3CVE-2025-25285: OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CVE-2025-25289request-error5.1.16.1.7CVE-2025-25289: OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
GHSA-w5hq-g745-h8pquuid8.3.214.0.0GHSA-w5hq-g745-h8pq: Improper Validation of Specified Index, Position, or Offset in Input
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.