CVE-2026-44827: bump diffusers to 0.38.0 to fix arbitrary code execution#944
Conversation
Add diffusers>=0.38.0 as direct dependency in Pipfile and update Pipfile.lock for cuda128-torch290 and rocm64-torch290 training images to fix CVE-2026-44827 (arbitrary code execution via malicious None.py model loading). Resolves: RHOAIENG-69899, RHOAIENG-69897 Co-authored-by: Cursor <cursoragent@cursor.com>
📝 WalkthroughWalkthroughTwo Pipfiles for training runtime images (py312-cuda128-torch290 and py312-rocm64-torch290) had a new dependency entry added: Estimated code review effort: 1 (Trivial) | ~3 minutes Changes
Security note: Version constraint is unpinned ( Related issues: None specified in provided data. Related PRs: None specified in provided data. Suggested labels: dependencies, supply-chain Suggested reviewers: None specified in provided data. 🚥 Pre-merge checks | ✅ 9 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (9 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
images/runtime/training/py312-cuda128-torch290/Pipfile (1)
17-17: 🔒 Security & Privacy | 🔵 Trivial | ⚡ Quick winUnbounded floating constraint diverges from sibling pinning convention.
CVE-2026-44827 (CWE-94, RCE via
None.py, CVSS 8.8) is real and fixed in diffusers 0.38.0 — the version floor is correct. However,>=0.38.0has no upper bound, while the adjacentdatasets = "==4.3.0"entry (Line 16) is exactly pinned. An unbounded floor means any futurepipenv lock --devre-run silently pulls in whatever diffusers ships next (breaking API changes or a newly discovered vuln) without an explicit review gate — Pipfile.lock hashes only protect until the next intentional re-lock. For a security-driven training image, prefer a pin or capped range consistent with the rest of the file.🔒 Suggested tighter constraint
-diffusers = ">=0.38.0" +diffusers = "==0.38.0"🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@images/runtime/training/py312-cuda128-torch290/Pipfile` at line 17, The diffusers dependency in the Pipfile is only lower-bounded, which is inconsistent with the sibling exact pinning and allows future unreviewed upgrades. Update the diffusers constraint in the Pipfile to a tighter, security-reviewable version specifier consistent with the existing dependency style, keeping the fixed minimum from the current requirement while adding an upper bound or exact pin. Use the diffusers entry as the target for the change and keep it aligned with the surrounding pinned packages such as datasets.Source: Path instructions
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@images/runtime/training/py312-cuda128-torch290/Pipfile`:
- Line 17: The diffusers dependency in the Pipfile is only lower-bounded, which
is inconsistent with the sibling exact pinning and allows future unreviewed
upgrades. Update the diffusers constraint in the Pipfile to a tighter,
security-reviewable version specifier consistent with the existing dependency
style, keeping the fixed minimum from the current requirement while adding an
upper bound or exact pin. Use the diffusers entry as the target for the change
and keep it aligned with the surrounding pinned packages such as datasets.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Central YAML (base), Organization UI (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 0f1c70b2-1993-4fba-b3af-959e4f8972da
⛔ Files ignored due to path filters (2)
images/runtime/training/py312-cuda128-torch290/Pipfile.lockis excluded by!**/*.lockimages/runtime/training/py312-rocm64-torch290/Pipfile.lockis excluded by!**/*.lock
📒 Files selected for processing (2)
images/runtime/training/py312-cuda128-torch290/Pipfileimages/runtime/training/py312-rocm64-torch290/Pipfile
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: sutaakar The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Add diffusers>=0.38.0 as direct dependency in Pipfile and update Pipfile.lock for cuda128-torch290 and rocm64-torch290 training images to fix CVE-2026-44827 (arbitrary code execution via malicious None.py model loading).
Resolves: RHOAIENG-69899, RHOAIENG-69897
Description
How Has This Been Tested?
Merge criteria:
Summary by CodeRabbit
diffusersversion 0.38.0 or later.