Lucene search
+L

4 matches found

snyk
snyk
added 2024/10/09 9:31 p.m.6 views

Information Exposure

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Information Exposure due to the embedding model update feature under admin settings. An attacker can expose sensitive information by observing error messages that vary based on the file's existence and...

5.1CVSS6.7AI score0.00336EPSS
Exploits1References2
nvd
nvd
added 2024/10/09 7:15 p.m.40 views

CVE-2024-7038

An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...

2.7CVSS0.00336EPSS
Exploits1References1
cvelist
cvelist
added 2024/10/09 6:26 p.m.45 views

CVE-2024-7038 Information Disclosure in open-webui/open-webui

An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...

2.7CVSS0.00336EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2024/10/09 12:0 a.m.9 views

PT-2024-38040

Name of the Vulnerable Software and Affected Versions open-webui version 0.3.8 Description An information disclosure issue exists related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different err...

2.7CVSS5.9AI score0.00336EPSS
Exploits1References12
Rows per page
Query Builder