[Snyk] Security upgrade python from 3.6-slim to 3.13.0b1-slim

[mikolajroszak]

This PR was automatically created by Snyk using the credentials of a real user.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

• docker/Dockerfile.python-3.6

We recommend upgrading to python:3.13.0b1-slim, as this image has only 50 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity	Priority Score / 1000	Issue	Exploit Maturity
	714	Directory Traversal SNYK-DEBIAN11-DPKG-2847942	No Known Exploit
	714	Use After Free SNYK-DEBIAN11-GLIBC-1296898	No Known Exploit
	714	Buffer Overflow SNYK-DEBIAN11-GLIBC-2340908	No Known Exploit
	829	Out-of-bounds Write SNYK-DEBIAN11-GLIBC-5927133	Mature
	829	Out-of-bounds Write SNYK-DEBIAN11-GLIBC-5927133	Mature

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Use After Free
🦉 Directory Traversal

[cloudflare-workers-and-pages]

Deploying snyk-1 with    Cloudflare Pages

Latest commit:	9730eca
Status:	🚫  Build failed.

View logs

[secure-code-warrior-for-github]

Micro-Learning Topic: Buffer overflow (Detected by phrase)

Matched on "Buffer Overflow"

What is this? (2min video)

A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer.

Try a challenge in Secure Code Warrior

Micro-Learning Topic: Directory traversal (Detected by phrase)

Matched on "Directory Traversal"

What is this? (2min video)

Path traversal vulnerabilities occur when inputs that have not been sufficiently validated or sanitised are used to build directory or file paths. If an attacker can influence the path being accessed by the server, they may be able to gain unauthorised access to files or even execute arbitrary code on the server (when coupled with file upload functionality).

Try a challenge in Secure Code Warrior

Helpful references

• OWASP Input Validation Cheat Sheet - This cheatsheet is focused on providing clear, simple, actionable guidance for preventing injection and input validation flaws in your applications, including defence against path traversal.
• OWASP Path Traversal - OWASP community page with comprehensive information about path traversal, and links to various OWASP resources to help detect or prevent it.

Micro-Learning Topic: Use-after-free (Detected by phrase)

Matched on "Use After Free"

What is this? (2min video)

Dereferencing pointers to objects that have already been freed opens the door to execution of arbitrary code. Attackers may be able to insert instructions at the freed memory location in order to trigger the exploit when the pointer is used after the memory has been freed.

Try a challenge in Secure Code Warrior