Skip to main content

plugin_manager Security Scan

View Release Notes
Securityv3.9.3Generated 2026-05-08 08:29:48 UTC
Critical
Clean
High
6 found
Scan Date
May 08, 2026

Scanner: Docker Scout

Critical vulnerabilities: 0

High vulnerabilities: 2

Medium vulnerabilities: 6

Critical

No critical vulnerabilities found.

High

CVEPackageInstalledFixedDescription
CVE-2026-42151prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.3CVE-2026-42151: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-42154prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.3CVE-2026-42154: Uncontrolled Resource Consumption

Medium

CVEPackageInstalledFixedDescription
GHSA-fw8g-cg8f-9j28prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.3GHSA-fw8g-cg8f-9j28: Improper Neutralization of Input During Web Page Generation ('Cross-site Script...
CVE-2026-25934v55.16.25.16.5CVE-2026-25934: Improper Validation of Integrity Check Value
CVE-2026-41506v55.16.25.18.0CVE-2026-41506: Insufficiently Protected Credentials
CVE-2026-34165v55.16.25.17.1CVE-2026-34165: Integer Underflow (Wrap or Wraparound)
CVE-2026-40179prometheus0.309.2-0.20260113170727-c7bc56cf6c8f0.311.2-0.20260410083055-07c6232d159bCVE-2026-40179: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-6993v22.8.4not fixedCVE-2026-6993: Unintended Proxy or Intermediary ('Confused Deputy')
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.