Filtered by vendor Openwebui
Subscriptions
Filtered by product Open Webui
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-6707 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | 7.5 High |
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. | ||||
CVE-2024-6706 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | 6.3 Medium |
Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page. |
Page 1 of 1.