Filtered by vendor Open-webui Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-7049 2 Open-webui, Openwebui 2 Open-webui, Open Webui 2024-10-17 5.4 Medium
In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This allows the user to perform actions without admin confirmation, bypassing the intended approval process.
CVE-2024-7037 1 Open-webui 1 Open-webui 2024-10-10 N/A
In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vulnerability allows attackers to overwrite and delete system files, potentially leading to remote code execution.
CVE-2024-7048 1 Open-webui 1 Open-webui 2024-10-10 N/A
In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileged user to access and overwrite files managed by a higher-privileged admin. By exploiting this vulnerability, an attacker can view metadata of files uploaded by an admin and overwrite these files, compromising the integrity and availability of the RAG models.
CVE-2024-7041 1 Open-webui 1 Open-webui 2024-10-10 N/A
An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint `http://0.0.0.0:3000/api/v1/memories/{id}/update`, where the decentralization design is flawed, allowing attackers to edit other users' memories without proper authorization.