ROS-20250630-08

A vulnerability in a library for Python that extends the ease of creating, distributing, and installation of Python packages setuptools is related to an input validation error when processing sequences of directory traversal in packageindex.py. Exploitation of the vulnerability could allow an...

CVE-2024-7038 Information Disclosure in open-webui/open-webui

An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...