3 matches found
CVE-2025-29446
open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verifyconnection...
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.5.16, which stems from the vulnerability of the verifyconnection function in routers/ollama.py to a server-side request forgery attack...
CVE-2025-29446
CVE-2025-29446 is associated with Open WebUI 0.5.16, where the SSRF vulnerability resides in routers/ollama.py, function verify_connection. Red Hat’s advisory and Snyk report confirm a Server-Side Request Forgery vulnerability affecting this version and advise upgrading to Open WebUI >= 0.6.34...