4 matches found
CVE-2024-7959
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-7959
...
CVE-2024-7959
The Open WebUI SSRF issue is in open-webui/open-webui version 0.3.8, exposed via the /openai/models endpoint. The vulnerable component allows changing the OpenAI URL without validation, causing the server to issue requests to arbitrary destinations and return their output. Reported impact include...
CVE-2024-7959
...