Update docker/metadata-action digest to c299e40

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
docker/metadata-action	action	digest	318604b -> c299e40

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[gitnotebooks]

Review these changes at https://app.gitnotebooks.com/AlphaSphereDotAI/visualizr/pull/421

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[mergify]

🧪 CI Insights

Here's what we observed from your CI run for 2a543bd.

🟢 All jobs passed!

But CI Insights is watching 👀

[MH0386]

🔍 Vulnerabilities of ghcr.io/alphaspheredotai/visualizr:a9ac048-pr-421

📦 Image Reference ghcr.io/alphaspheredotai/visualizr:a9ac048-pr-421

digest	sha256:206bdbc60f80d99fac5db8f05b4eaef3b25e886163a3f9bd699fc430553e4cfe
vulnerabilities
platform	linux/amd64
size	3.0 GB
packages	370

torch 2.1.2+cu118 (pypi) pkg:pypi/[email protected]%2Bcu118 # Dockerfile (27:27) COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/ Affected range <2.5.0 Fixed version 2.5.0 CVSS Score 9.8 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H EPSS Score 15.462% EPSS Percentile 94th percentile Description In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing. Deserialization of Untrusted Data Affected range <2.6.0 Fixed version 2.6.0 CVSS Score 9.3 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.391% EPSS Percentile 59th percentile Description Description I found a Remote Command Execution (RCE) vulnerability in PyTorch. When loading model using torch.load with weights_only=True, it can still achieve RCE. Background knowledge https://github.com/pytorch/pytorch/security As you can see, the PyTorch official documentation considers using torch.load() with weights_only=True to be safe. Since everyone knows that weights_only=False is unsafe, so they will use the weights_only=True to mitigate the seucirty issue. But now, I just proved that even if you use weights_only=True, it can still achieve RCE. Credit This vulnerability was found by Ji'an Zhou. Heap-based Buffer Overflow Affected range <2.2.0 Fixed version 2.2.0 CVSS Score 8.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.024% EPSS Percentile 6th percentile Description PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Use After Free Affected range <2.2.0 Fixed version 2.2.0 CVSS Score 7.8 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H EPSS Score 0.049% EPSS Percentile 15th percentile Description Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp. Affected range <2.2.0 Fixed version 2.2.0 EPSS Score 0.081% EPSS Percentile 24th percentile Description Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp. Improper Resource Shutdown or Release Affected range <=2.7.1 Fixed version 2.8.0 CVSS Score 4.8 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.056% EPSS Percentile 18th percentile Description A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctc_loss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 46fc5d8e360127361211cb237d5f9eef0223e567. It is recommended to apply a patch to fix this issue. Improper Resource Shutdown or Release Affected range <2.7.1-rc1 Fixed version 2.7.1-rc1 CVSS Score 1.9 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P EPSS Score 0.053% EPSS Percentile 17th percentile Description A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

transformers 4.19.4 (pypi) pkg:pypi/[email protected] # Dockerfile (27:27) COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/ Deserialization of Untrusted Data Affected range <4.36.0 Fixed version 4.36.0 CVSS Score 9 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H EPSS Score 0.177% EPSS Percentile 40th percentile Description Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.0. Deserialization of Untrusted Data Affected range <4.48.0 Fixed version 4.48.0 CVSS Score 8.8 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H EPSS Score 13.019% EPSS Percentile 94th percentile Description Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012. Deserialization of Untrusted Data Affected range <4.48.0 Fixed version 4.48.0 CVSS Score 8.8 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H EPSS Score 43.666% EPSS Percentile 97th percentile Description Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191. Deserialization of Untrusted Data Affected range <4.36.0 Fixed version 4.36.0 CVSS Score 7.8 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H EPSS Score 0.155% EPSS Percentile 37th percentile Description Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36. Deserialization of Untrusted Data Affected range <4.48.0 Fixed version 4.48.0 CVSS Score 7.5 CVSS Vector CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H EPSS Score 38.281% EPSS Percentile 97th percentile Description Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322. Uncontrolled Resource Consumption Affected range <4.53.0 Fixed version 4.53.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.076% EPSS Percentile 23rd percentile Description The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer. The vulnerability arises from the _do_use_weight_decay method, which processes user-controlled regular expressions in the include_in_weight_decay and exclude_from_weight_decay lists. Malicious regular expressions can cause catastrophic backtracking during the re.search call, leading to 100% CPU utilization and a denial of service. This issue can be exploited by attackers who can control the patterns in these lists, potentially causing the machine learning task to hang and rendering services unresponsive. Inefficient Regular Expression Complexity Affected range <4.53.0 Fixed version 4.53.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.076% EPSS Percentile 23rd percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically affecting the MarianTokenizer's remove_language_code() method. This vulnerability is present in version 4.52.4 and has been fixed in version 4.53.0. The issue arises from inefficient regex processing, which can be exploited by crafted input strings containing malformed language code patterns, leading to excessive CPU consumption and potential denial of service. Inefficient Regular Expression Complexity Affected range <4.53.0 Fixed version 4.53.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.075% EPSS Percentile 23rd percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalize_numbers() method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises from the method's handling of numeric strings, which can be exploited using crafted input strings containing long sequences of digits, leading to excessive CPU consumption. This vulnerability impacts text-to-speech and number normalization tasks, potentially causing service disruption, resource exhaustion, and API vulnerabilities. Inefficient Regular Expression Complexity Affected range <4.53.0 Fixed version 4.53.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.171% EPSS Percentile 39th percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the convert_tf_weight_name_to_pt_weight_name() function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern /[^/]*___([^/]*)/ that can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. This issue can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting model conversion processes between TensorFlow and PyTorch formats. Inefficient Regular Expression Complexity Affected range <=4.51.3 Fixed version 4.52.1 CVSS Score 5.3 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.091% EPSS Percentile 26th percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json() method. This vulnerability affects versions 4.51.3 and earlier, and is fixed in version 4.52.1. The issue arises from the regex pattern <s_(.*?)> which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting document processing tasks using the Donut model. Inefficient Regular Expression Complexity Affected range <4.51.0 Fixed version 4.51.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.117% EPSS Percentile 31st percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the get_imports() function within dynamic_module_utils.py. This vulnerability affects versions 4.49.0 and is fixed in version 4.51.0. The issue arises from a regular expression pattern \s*try\s*:.*?except.*?: used to filter out try/except blocks from Python code, which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to remote code loading disruption, resource exhaustion in model serving, supply chain attack vectors, and development pipeline disruption. Inefficient Regular Expression Complexity Affected range <4.51.0 Fixed version 4.51.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.117% EPSS Percentile 31st percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the get_configuration_file() function within the transformers.configuration_utils module. The affected version is 4.49.0, and the issue is resolved in version 4.51.0. The vulnerability arises from the use of a regular expression pattern config\.(.*)\.json that can be exploited to cause excessive CPU consumption through crafted input strings, leading to catastrophic backtracking. This can result in model serving disruption, resource exhaustion, and increased latency in applications using the library. Inefficient Regular Expression Complexity Affected range <4.50.0 Fixed version 4.50.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.119% EPSS Percentile 32nd percentile Description A Regular Expression Denial of Service (ReDoS) exists in the preprocess_string() function of the transformers.testing_utils module. In versions before 4.50.0, the regex used to process code blocks in docstrings contains nested quantifiers that can trigger catastrophic backtracking when given inputs with many newline characters. An attacker who can supply such input to preprocess_string() (or code paths that call it) can force excessive CPU usage and degrade availability. Fix: released in 4.50.0, which rewrites the regex to avoid the inefficient pattern. ([GitHub][1]) Affected: < 4.50.0 Patched: 4.50.0 Inefficient Regular Expression Complexity Affected range <4.48.0 Fixed version 4.48.0 CVSS Score 5.3 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.113% EPSS Percentile 31st percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_nougat_fast.py. The vulnerability occurs in the post_process_single() function, where a regular expression processes specially crafted input. The issue stems from the regex exhibiting exponential time complexity under certain conditions, leading to excessive backtracking. This can result in significantly high CPU usage and potential application downtime, effectively creating a Denial of Service (DoS) scenario. The affected version is v4.46.3. Insecure Temporary File Affected range <4.30.0 Fixed version 4.30.0 CVSS Score 4.7 CVSS Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H EPSS Score 0.018% EPSS Percentile 4th percentile Description Insecure Temporary File in GitHub repository huggingface/transformers 4.29.2 and prior. A fix is available at commit 80ca92470938bbcc348e2d9cf4734c7c25cb1c43 and has been released as part of version 4.30.0. Inefficient Regular Expression Complexity Affected range <4.50.0 Fixed version 4.50.0 CVSS Score 4.3 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L EPSS Score 0.097% EPSS Percentile 27th percentile Description A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_gpt_neox_japanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions process specially crafted inputs. The issue stems from a regex exhibiting exponential complexity under certain conditions, leading to excessive backtracking. This can result in high CPU usage and potential application downtime, effectively creating a Denial of Service (DoS) scenario. The affected version is v4.48.1 (latest). Improper Input Validation Affected range <4.52.1 Fixed version 4.52.1 CVSS Score 3.5 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N EPSS Score 0.051% EPSS Percentile 16th percentile Description Hugging Face Transformers versions up to 4.49.0 are affected by an improper input validation vulnerability in the image_utils.py file. The vulnerability arises from insecure URL validation using the startswith() method, which can be bypassed through URL username injection. This allows attackers to craft URLs that appear to be from YouTube but resolve to malicious domains, potentially leading to phishing attacks, malware distribution, or data exfiltration. The issue is fixed in version 4.52.1. Deserialization of Untrusted Data Affected range <4.38.0 Fixed version 4.38.0 CVSS Score 3.4 CVSS Vector CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L EPSS Score 25.494% EPSS Percentile 96th percentile Description The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the load_repo_checkpoint() function of the TFPreTrainedModel() class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of pickle.load() on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.

protobuf 3.20.1 (pypi) pkg:pypi/[email protected] # Dockerfile (27:27) COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/ Uncontrolled Recursion Affected range <4.25.8 Fixed version 4.25.8 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.017% EPSS Percentile 3rd percentile Description Summary Any project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team [email protected] Affected versions: This issue only affects the pure-Python implementation of protobuf-python backend. This is the implementation when PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python environment variable is set or the default when protobuf is used from Bazel or pure-Python PyPi wheels. CPython PyPi wheels do not use pure-Python by default. This is a Python variant of a previous issue affecting protobuf-java. Severity This is a potential Denial of Service. Parsing nested protobuf data creates unbounded recursions that can be abused by an attacker. Proof of Concept For reproduction details, please refer to the unit tests decoder_test.py and message_test Remediation and Mitigation A mitigation is available now. Please update to the latest available versions of the following packages: protobuf-python(4.25.8, 5.29.5, 6.31.1) Improper Restriction of Operations within the Bounds of a Memory Buffer Affected range >=3.20.0 <3.20.2 Fixed version 3.20.2 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H EPSS Score 0.143% EPSS Percentile 35th percentile Description Summary A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message, which could lead to a denial of service (DoS) on services using the libraries. Reporter: ClusterFuzz Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below. Severity & Impact As scored by google Medium 5.7 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Asscored byt NIST High 7.5 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H A small (~500 KB) malicious payload can be constructed which causes the running service to allocate more than 3GB of RAM. Proof of Concept For reproduction details, please refer to the unit test that identifies the specific inputs that exercise this parsing weakness. Mitigation / Patching Please update to the latest available versions of the following packages: protobuf-cpp (3.18.3, 3.19.5, 3.20.2, 3.21.6) protobuf-python (3.18.3, 3.19.5, 3.20.2, 4.21.6)

gradio 6.1.0 (pypi) pkg:pypi/[email protected] # Dockerfile (27:27) COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/ OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities Affected range <2023-11-06 Fixed version Not Fixed CVSS Score 8.1 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N EPSS Score 1.662% EPSS Percentile 82nd percentile Description Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository gradio-app/gradio prior to main.

basicsr 1.4.2 (pypi) pkg:pypi/[email protected] # Dockerfile (27:27) COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/ Improper Neutralization of Special Elements used in a Command ('Command Injection') Affected range <=1.4.2 Fixed version Not Fixed CVSS Score 5.3 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L EPSS Score 0.137% EPSS Percentile 34th percentile Description XPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in the presence of a crafted SLURM_NODELIST environment variable.

[deepsource-io]

Here's the code health analysis summary for commits 9d7decd..2a543bd. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
Python	✅ Success		View Check ↗
Docker	✅ Success		View Check ↗
Secrets	✅ Success		View Check ↗

---

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud