Filtered by vendor Openwebui
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-6707 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | 7.5 High |
| Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. | ||||
| CVE-2024-6706 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | 6.3 Medium |
| Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page. | ||||
Page 1 of 1.