anythingllm-oci-entrypoint

Direct Vulnerabilities

Known vulnerabilities in the anythingllm-oci-entrypoint package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Authorization Bypass Through User-Controlled Key

<1.14.1-r0
  • L
Directory Traversal

<1.13.0-r0
  • M
Improper Authorization

<1.13.0-r0
  • L
Link Following

<1.13.0-r0
  • H
Arbitrary Command Injection

<1.13.0-r0
  • C
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • C
Permissive Whitelist

*
  • L
Improper Encoding or Escaping of Output

*
  • L
Allocation of Resources Without Limits or Throttling

*
  • H
Uncontrolled Recursion

*
  • M
Improper Authentication

*
  • C
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • L
Permissive Whitelist

*
  • L
HTTP Response Splitting

*
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • L
CRLF Injection

*
  • H
CVE-2026-3520

*
  • L
Improper Check for Unusual or Exceptional Conditions

*
  • M
Race Condition

*
  • L
Uncontrolled Recursion

*
  • L
Inefficient Regular Expression Complexity

*
  • H
Server-Side Request Forgery (SSRF)

*
  • L
CVE-2026-4926

*
  • H
Server-Side Request Forgery (SSRF)

*
  • H
Improper Check or Handling of Exceptional Conditions

*
  • C
SQL Injection

*
  • L
GHSA-39q2-94rc-95cp

*
  • L
CVE-2026-1528

*
  • L
CVE-2025-7338

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • L
Server-Side Request Forgery (SSRF)

*
  • L
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • L
Race Condition

*
  • L
GHSA-6v7q-wjvx-w8wg

*
  • H
Resource Exhaustion

*
  • L
Uncontrolled Recursion

*
  • H
Inefficient Regular Expression Complexity

*
  • M
Server-Side Request Forgery (SSRF)

*
  • M
Link Following

*
  • L
XML Injection

*
  • M
HTTP Response Splitting

*
  • L
CVE-2026-2739

*
  • L
Allocation of Resources Without Limits or Throttling

*
  • C
CVE-2026-1525

*
  • L
GHSA-r4q5-vmmm-2653

*
  • L
CVE-2024-37168

*
  • L
Inefficient Regular Expression Complexity

*
  • L
XML Injection

*
  • L
GHSA-c7w3-x93f-qmm8

*
  • L
Incorrect Regular Expression

*
  • L
XML Injection

*
  • L
Directory Traversal

*
  • L
Improper Validation of Specified Quantity in Input

*
  • C
Directory Traversal

*
  • L
CVE-2026-1527

*
  • C
CVE-2026-4800

*
  • L
CVE-2025-15284

*
  • M
Cross-site Scripting (XSS)

*
  • L
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • L
CVE-2026-4923

*
  • C
Unintended Proxy or Intermediary ('Confused Deputy')

*
  • L
Inefficient Regular Expression Complexity

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
Memory Leak

*
  • L
Cross-site Scripting (XSS)

*
  • H
Inefficient Regular Expression Complexity

*
  • L
Uncaught Exception

*
  • L
Use of Insufficiently Random Values

*
  • H
Resource Exhaustion

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • H
Buffer Overflow

*
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • L
CVE-2026-3455

*
  • C
Directory Traversal

*
  • C
Deserialization of Untrusted Data

*
  • L
CVE-2024-12905

*
  • L
CVE-2026-4867

*
  • M
CVE-2026-2950

*
  • L
CVE-2024-37890

*
  • L
Resource Exhaustion

*
  • L
Algorithmic Complexity

*
  • H
CVE-2026-2359

*
  • L
XML Injection

*
  • L
Cross-site Scripting (XSS)

*
  • L
Information Exposure

*
  • L
CVE-2026-2229

*
  • L
CVE-2026-1526

*
  • M
CVE-2025-13465

*
  • C
Arbitrary Code Injection

*
  • L
Resource Exhaustion

*
  • H
CVE-2026-3304

*
  • L
GHSA-vvjj-xcjg-gr5g

*
  • L
Directory Traversal

*
  • H
CVE-2026-2391

*
  • L
GHSA-w5hq-g745-h8pq

*
  • L
XML Injection

*