uba-ki-lab/objection-managementThis dossier retains 261 exact component occurrences from 1 published evidence files at one immutable repository commit.
Published dependency evidence does not prove deployment, productive use, procurement or runtime reachability.
project ID + commit SHA + exact evidence pathEvery file remains tied to the observed commit. A parse error stays visible and never becomes a zero.
sha256:b084b72cc0723df0070f68ab42b2cd9c5447aa6df20204916c3de53c04f4c363pypi:transformers4.47.125 OSV records returnedpypi:torch2.5.123 OSV records returnedpypi:litellm1.53.78 OSV records returnedpypi:dspy2.5.431 OSV record returnedpypi:datasets3.2.0pypi:openai1.59.6pypi:sentence-transformers3.3.1pypi:accelerate1.2.1pypi:tokenizers0.21.0pypi:opencv-python4.10.0.84pypi:scikit-learn1.6.1pypi:tiktoken0.8.0pypi:xgboost2.1.3pypi:pypdf5.1.031 OSV records returnedpypi:aiohttp3.11.1130 OSV records returnedpypi:pillow11.1.015 OSV records returnedpypi:nltk3.9.111 OSV records returnedpypi:tornado6.4.210 OSV records returnedpypi:onnx1.17.08 OSV records returnedpypi:python-multipart0.0.98 OSV records returnedpypi:starlette0.37.28 OSV records returnedpypi:pyjwt2.10.17 OSV records returnedpypi:urllib32.3.07 OSV records returnedpypi:cryptography42.0.86 OSV records returnedpypi:jinja23.1.54 OSV records returnedpypi:ujson5.10.04 OSV records returnedpypi:requests2.32.33 OSV records returnedpypi:setuptools75.8.03 OSV records returnedpypi:filelock3.16.12 OSV records returnedpypi:mako1.3.82 OSV records returnedpypi:pdfminer-six202407062 OSV records returnedpypi:protobuf5.29.32 OSV records returnedpypi:pyasn10.6.12 OSV records returnedpypi:pycrypto2.6.12 OSV records returnedpypi:soupsieve2.62 OSV records returnedpypi:certifi2024.12.141 OSV record returnedpypi:click8.1.81 OSV record returnedpypi:diskcache5.6.31 OSV record returnedpypi:fastapi-sso0.10.01 OSV record returnedpypi:fonttools4.55.31 OSV record returnedpypi:h110.14.01 OSV record returnedpypi:idna3.101 OSV record returnedpypi:json-repair0.35.01 OSV record returnedpypi:jupyter-core5.7.21 OSV record returnedpypi:lxml5.3.01 OSV record returnedpypi:marshmallow3.24.21 OSV record returnedpypi:orjson3.10.141 OSV record returnedpypi:pi-heif0.21.01 OSV record returnedpypi:pyarrow18.1.01 OSV record returnedpypi:pycryptodome3.10.11 OSV record returnedpypi:pygments2.19.11 OSV record returnedpypi:pynacl1.5.01 OSV record returnedpypi:pypdf23.0.11 OSV record returnedpypi:python-dotenv1.0.11 OSV record returnedpypi:tqdm4.67.11 OSV record returnedpypi:unstructured0.16.121 OSV record returnedpypi:aiofiles24.1.0pypi:aiohappyeyeballs2.4.4pypi:aiosignal1.3.2pypi:alembic1.14.0pypi:annotated-types0.7.0pypi:antlr4-python3-runtime4.9.3pypi:anyio4.8.0pypi:appnope0.1.4pypi:apscheduler3.11.0pypi:asttokens3.0.0pypi:async-timeout5.0.1pypi:asyncer0.0.8pypi:attrs24.3.0pypi:backoff2.2.1pypi:beautifulsoup44.12.3pypi:blis1.1.0pypi:bs40.0.2pypi:cachetools5.5.0pypi:catalogue2.0.10pypi:cffi1.17.1pypi:chardet5.2.0pypi:charset-normalizer3.4.1pypi:cloudpathlib0.20.0pypi:cloudpickle3.1.0pypi:colorama0.4.6pypi:coloredlogs15.0.1pypi:colorlog6.9.0pypi:comm0.2.2pypi:confection0.1.5pypi:contourpy1.3.1pypi:cycler0.12.1pypi:cymem2.0.10pypi:dataclasses-json0.6.7pypi:debugpy1.8.11pypi:decorator5.1.1pypi:deprecated1.2.15pypi:dill0.3.8pypi:distro1.9.0pypi:dnspython2.7.0pypi:effdet0.4.1pypi:email-validator2.2.0pypi:emoji2.14.0pypi:eval-type-backport0.2.2pypi:evaluate0.4.3pypi:exceptiongroup1.2.2pypi:executing2.1.0pypi:fastapi0.111.1pypi:fastapi-cli0.0.7pypi:filetype1.2.0pypi:flatbuffers24.12.23pypi:frozenlist1.5.0pypi:fsspec2024.9.0pypi:google-api-core2.24.0pypi:google-auth2.37.0pypi:google-cloud-vision3.9.0pypi:googleapis-common-protos1.66.0pypi:greenlet3.1.1pypi:grpcio1.69.0pypi:grpcio-status1.69.0pypi:gunicorn22.0.0pypi:html5lib1.1pypi:httpcore1.0.7pypi:httptools0.6.4pypi:httpx0.27.2This page displays 120 of 261 ordered rows. The machine-readable dossier retains the complete exact projection.
pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams
13 Jul 2026Certifi removes GLOBALTRUST root certificate
10 Jun 2026HuggingFace transformers vulnerable to remote code execution
13 Jul 2026Starlette has possible denial-of-service vector when parsing large files in multipart forms
07 Jul 2026aiohttp: Host-Only Cookies Become Domain Cookies After CookieJar Persistence
13 Jul 2026Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup
13 Jul 2026pypdf has possible Infinite Loop when processing outlines/bookmarks
07 Jul 2026pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams
13 Jul 2026AIOHTTP has CRLF injection through multipart part content type header construction
13 Jul 2026Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists
13 Jul 2026urllib3 streaming API improperly handles highly compressed data
07 Jul 2026Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
07 Jul 2026PyTorch susceptible to local Denial of Service
10 Jun 2026Transformers is vulnerable to ReDoS attack through its DonutProcessor class
07 Jul 2026Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)
07 Jul 2026pypdf: Manipulated XMP metadata entity declarations can exhaust RAM
13 Jul 2026UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()
18 Jul 2026onnx Vulnerable to Path Traversal via Symlink
13 Jul 2026AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS
13 Jul 2026Tornado: Authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient
13 Jul 2026Marshmallow has DoS in Schema.load(many)
07 Jul 2026NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite
13 Jul 2026urllib3 does not control redirects in browsers and Node.js
07 Jul 2026pypdf has possible long runtimes for malformed startxref
07 Jul 2026aiohttp: HTTP/1 Pipelined Requests Queue Without Limit
13 Jul 2026aiohttp: TLS Server Hostname Override Is Ignored When Reusing HTTPS Connections
27 Jun 2026pypdf: Possible long runtimes for wrong size values in incremental mode
13 Jul 2026pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character
13 Jul 2026Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer
07 Jul 2026pypdf has possible long runtimes for missing /Root object with large /Size values
07 Jul 2026LiteLLM: Authentication Bypass via Host Header Injection
18 Jul 2026Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching
13 Jul 2026pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
13 Jul 2026Vulnerable OpenSSL included in cryptography wheels
16 Jun 2026ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.
13 Jul 2026LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint
13 Jul 2026PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
04 Feb 2026AIOHTTP vulnerable to brute-force leak of internal static file path components
07 Jul 2026Denial of service (DoS) via deformation `multipart/form-data` boundary
07 Jul 2026Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer
07 Jul 2026pypdf: Inefficient decoding of FlateDecode PNG predictor streams
13 Jul 2026setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write
11 May 2026python-multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service
13 Jul 2026Pillow has a heap buffer overflow with nested list coordinates
13 Jul 2026AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass
16 Jul 2026aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines
13 Jul 2026pyasn1 has a DoS vulnerability in decoder
07 Jul 2026Pycrypto generates weak key parameters
19 Oct 2024The collector reads bounded lockfiles, SBOMs and exact double-equals pins at one immutable commit. Version ranges are never resolved by assumption.
Retrieval, parsing, matching and publishing use no generative AI model.i6eal (2026): Objection management — exact AI dependency evidence dossier, data state 19 Jul 2026. https://i6eal.de/en/tools/ki-abhaengigkeitsatlas/repository/opencode-4112/
We build source-backed data products with stable identities, reproducible joins and boundaries that remain visible.
These tools complement the current result.