Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6928

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00811EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/11 10:28 p.m.4 views

CVE-2025-55161 Stirling-PDF SSRF vulnerability on /api/v1/convert/markdown/pdf

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...

8.6CVSS7.2AI score0.01999EPSS
Exploits1References2
OSV
OSV
added 2025/08/11 10:28 p.m.6 views

CVE-2025-55161 Stirling-PDF SSRF vulnerability on /api/v1/convert/markdown/pdf

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...

8.6CVSS6.6AI score0.01999EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.6 views

PT-2025-32596

Name of the Vulnerable Software and Affected Versions: Stirling-PDF versions prior to 1.1.0 Description: Stirling-PDF is a locally hosted web application used for PDF file operations. Prior to version 1.1.0, the application is susceptible to Server-Side Request Forgery SSRF when utilizing the...

9.8CVSS5.8AI score0.01999EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2025/03/22 12:37 p.m.6 views

CVE-2024-7983

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS6.7AI score0.00811EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 12:32 p.m.4 views

GHSA-5V9M-57MQ-QC75 Open WebUI denial of service through endpoint for converting markdown

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS6.9AI score0.00811EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.9 views

Open WebUI denial of service through endpoint for converting markdown

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS6.6AI score0.00811EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/03/20 10:15 a.m.7 views

CVE-2024-7983

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS0.00811EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.6 views

CVE-2024-7983 Denial of Service in open-webui/open-webui

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS7.4AI score0.00811EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.15 views

CVE-2024-7983 Denial of Service in open-webui/open-webui

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS0.00811EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:10 a.m.5 views

CVE-2024-7983 Denial of Service in open-webui/open-webui

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS7AI score0.00811EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/10/04 12:0 a.m.8 views

PT-2025-12199

Name of the Vulnerable Software and Affected Versions open-webui version 0.3.8 Description An endpoint for converting Markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of...

7.5CVSS7.1AI score0.00811EPSS
Exploits1References24
Rows per page
Query Builder