4 matches found
Information Exposure
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Information Exposure due to the embedding model update feature under admin settings. An attacker can expose sensitive information by observing error messages that vary based on the file's existence and...
CVE-2024-7038
An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...
CVE-2024-7038 Information Disclosure in open-webui/open-webui
An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...
PT-2024-38040 · Unknown · Open-Webui
Name of the Vulnerable Software and Affected Versions: open-webui version 0.3.8 Description: An information disclosure issue exists related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different...