Scanner: Docker Scout

Critical vulnerabilities: 0

High vulnerabilities: 13

Medium vulnerabilities: 10

Critical

No critical vulnerabilities found.

High

CVE	Package	Installed	Fixed	Description
CVE-2025-45768	pyjwt	2.12.0	not fixed	CVE-2025-45768
CVE-2024-23342	ecdsa	0.19.2	not fixed	CVE-2024-23342: Observable Discrepancy
CVE-2024-34997	joblib	1.5.2	not fixed	CVE-2024-34997
CVE-2025-69534	markdown	3.10.2	not fixed	CVE-2025-69534
CVE-2026-0846	nltk	3.9.4	not fixed	CVE-2026-0846
CVE-2025-14920	transformers	5.3.0	not fixed	CVE-2025-14920
CVE-2025-14921	transformers	5.3.0	not fixed	CVE-2025-14921
CVE-2025-14924	transformers	5.3.0	not fixed	CVE-2025-14924
CVE-2025-14926	transformers	5.3.0	not fixed	CVE-2025-14926
CVE-2025-14927	transformers	5.3.0	not fixed	CVE-2025-14927
CVE-2025-14928	transformers	5.3.0	not fixed	CVE-2025-14928
CVE-2025-14929	transformers	5.3.0	not fixed	CVE-2025-14929
CVE-2025-14930	transformers	5.3.0	not fixed	CVE-2025-14930

Medium

CVE	Package	Installed	Fixed	Description
CVE-2026-3219	pip	26.0.1	not fixed	CVE-2026-3219: Unrestricted Upload of File with Dangerous Type
CVE-2025-69872	diskcache	5.6.3	not fixed	CVE-2025-69872: Deserialization of Untrusted Data
CVE-2022-42969	py	1.11.0	not fixed	CVE-2022-42969
CVE-2024-1681	flask-cors	6.0.2	not fixed	CVE-2024-1681
CVE-2026-6357	pip	26.0.1	26.1	CVE-2026-6357: Inclusion of Functionality from Untrusted Control Sphere
CVE-2026-41425	authlib	1.6.9	1.6.11	CVE-2026-41425: Cross-Site Request Forgery (CSRF)
CVE-2023-49092	rsa	0.9.10	not fixed	CVE-2023-49092
CVE-2026-44681	authlib	1.6.9	1.6.12	CVE-2026-44681: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2025-71176	pytest	9.0.2	9.0.3	CVE-2025-71176: Creation of Temporary File in Directory with Insecure Permissions
CVE-2026-45409	idna	3.11	3.15	CVE-2026-45409: Inefficient Regular Expression Complexity