Skip to main content

enterpriseCollector Security Scan

View Release Notes
Securityv3.9.3Generated 2026-05-08 08:29:48 UTC
Critical
Clean
High
6 found
Scan Date
May 08, 2026

Scanner: Docker Scout

Critical vulnerabilities: 0

High vulnerabilities: 3

Medium vulnerabilities: 5

Critical

No critical vulnerabilities found.

High

CVEPackageInstalledFixedDescription
CVE-2026-42151prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.3CVE-2026-42151: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-42154prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.3CVE-2026-42154: Uncontrolled Resource Consumption
CVE-2026-34040docker28.5.2%2Bincompatiblenot fixedCVE-2026-34040: Authentication Bypass Using an Alternate Path or Channel

Medium

CVEPackageInstalledFixedDescription
GHSA-fw8g-cg8f-9j28prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.3GHSA-fw8g-cg8f-9j28: Improper Neutralization of Input During Web Page Generation ('Cross-site Script...
CVE-2026-39882otlploghttp0.16.00.19.0CVE-2026-39882: Memory Allocation with Excessive Size Value
CVE-2026-40179prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.2-0.20260410083055-07c6232d159bCVE-2026-40179: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-6993v22.8.4not fixedCVE-2026-6993: Unintended Proxy or Intermediary ('Confused Deputy')
CVE-2026-33997docker28.5.2%2Bincompatiblenot fixedCVE-2026-33997: Off-by-one Error
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.