Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 1:21 p.m.8 views

CVE-2024-7033

In version 0.3.8 of open-webui/open-webui, an arbitrary file write vulnerability exists in the downloadmodel endpoint. When deployed on Windows, the application improperly handles file paths, allowing an attacker to manipulate the file path to write files to arbitrary locations on the server's...

7.2CVSS8.7AI score0.01125EPSS
Exploits0References1
NVD
NVD
added 2025/03/20 10:15 a.m.8 views

CVE-2024-7033

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.01125EPSS
Exploits0
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.21 views

CVE-2024-7033

...

0.01125EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.8 views

CVE-2024-7033

...

6.6AI score0.01125EPSS
Exploits0
CVE
CVE
added 2025/03/20 10:9 a.m.57 views

CVE-2024-7033

Open-WebUI (open-webui/open-webui) 0.3.8 contains an arbitrary file write vulnerability in the download_model endpoint. On Windows, improper path handling allows an attacker to manipulate the file path and write files to arbitrary locations on the server’s filesystem, potentially overwriting crit...

8.3AI score0.01125EPSS
Exploits0
OSV
OSV
added 2025/03/20 10:9 a.m.6 views

CVE-2024-7033 Arbitrary File Write in open-webui/open-webui

In version 0.3.8 of open-webui/open-webui, an arbitrary file write vulnerability exists in the downloadmodel endpoint. When deployed on Windows, the application improperly handles file paths, allowing an attacker to manipulate the file path to write files to arbitrary locations on the server's...

6.5CVSS7.4AI score0.01125EPSS
Exploits0References3
Rows per page
Query Builder