Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

open-webui

pypi · Open WebUI · Repository · Package

Security Advisories for open-webui in pypi

High
7 months ago

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability GSA_kwCzR0hTQS01Y2NmLTg4NHAtNGpqcc4ABFuM

pypi, npm open-webui
High
7 months ago

Open WebUI lacks authentication for the `api/v1/utils/pdf` endpoint GSA_kwCzR0hTQS05dmY4LXhnd20tOTdyOM4ABFul

pypi open-webui
High
7 months ago

Open WebUI denial of service through endpoint for converting markdown GSA_kwCzR0hTQS01djltLTU3bXEtcWM3Nc4ABFuU

pypi open-webui
High
7 months ago

Open WebUI stored cross-site scripting (XSS) vulnerability GSA_kwCzR0hTQS1najI3LTc2Z3EtNXYzcM4ABFuT

pypi open-webui
High
7 months ago

Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions GSA_kwCzR0hTQS1mZjVjLTU2bTctdmM3Nc4ABFuo

pypi open-webui
High
7 months ago

Open WebUI Vulnerable to a Session Fixation Attack GSA_kwCzR0hTQS00M2c0LTQ4N20tNXE2bc4ABFsV

pypi open-webui
Moderate
7 months ago

Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF) GSA_kwCzR0hTQS1wNXZ4LTloajgtY2Y0aM4ABFuD

pypi open-webui
High
7 months ago

Open WebUI has SSRF in /openai/models GSA_kwCzR0hTQS14NzU3LWh2NjktanI0Nc4ABFsb

pypi open-webui
Moderate
7 months ago

Open WebUI Has Improper Access Control Leading to Arbitrary Prompt Read GSA_kwCzR0hTQS1jN2ZxLXA2MnAtd3ZwY84ABFsX

pypi open-webui
High
7 months ago

Open WebUI Cross-Site Request Forgery (CSRF) Vulnerability GSA_kwCzR0hTQS04NWpjLThoNXAtOHZ3OM4ABFsd

pypi open-webui
Moderate
7 months ago

Open WebUI Allows Viewing of Admin Details GSA_kwCzR0hTQS1ndjI2LXF3M2gtOHF2cM4ABFsQ

pypi open-webui
High
7 months ago

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file GSA_kwCzR0hTQS02d2o1LTVwZ3ItandxOM4ABFsa

pypi open-webui
Moderate
7 months ago

Open WebUI Allows Arbitrary File Write via the `download_model` Endpoint GSA_kwCzR0hTQS0zcDlxLTd3NjMtM2Y4cc4ABFuB

pypi open-webui
High
7 months ago

Open WebUI Uncontrolled Resource Consumption vulnerability GSA_kwCzR0hTQS13Y3dwLTlyY3AtanZmZ84ABFty

pypi open-webui
High
7 months ago

Open WebUI Allows Arbitrary File Reading and Deletion GSA_kwCzR0hTQS1qcmhjLTlxZzktNHFmcc4ABFtv

pypi open-webui
Moderate
7 months ago

Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint GSA_kwCzR0hTQS1jcmg2LXBqOGMteHJoY84ABFts

pypi open-webui
Moderate
7 months ago

Open WebUI Vulnerable to Cross-Site Scripting (XSS) via Chat File Upload GSA_kwCzR0hTQS1qMjc0LW01NTktY2o0as4ABFuC

pypi open-webui
High
7 months ago

Open WebUI Allows Admin Deletion via API Endpoint GSA_kwCzR0hTQS1wcXdyLXBodnYtdjQ5Zs4ABFt_

pypi open-webui
High
7 months ago

Open WebUI has vulnerable dependency on starlette via fastapi GSA_kwCzR0hTQS13NDY2LTJ3ZmMtOGc1OM4ABFsA

pypi open-webui
High
7 months ago

Open WebUI Uncontrolled Resource Consumption vulnerability GSA_kwCzR0hTQS1jaGY3LXE3bTUtZnE5Ms4ABFtX

npm, pypi open-webui
High
7 months ago

Open WebUI Uncontrolled Resource Consumption vulnerability GSA_kwCzR0hTQS1nM214LTgzbXAtM3J3Y84ABFtM

npm, pypi open-webui
Moderate
12 months ago

open-webui allows writing and deleting arbitrary files GSA_kwCzR0hTQS01NGY0LXY2djktOXE4Ms4ABAJI

pypi open-webui
Moderate
12 months ago

open-webui Insecure Direct Object Reference (IDOR) vulnerability GSA_kwCzR0hTQS14Y3ZjLTVoZ3YtcGhxZ84ABAJF

pypi open-webui
Low
12 months ago

open-webui allows enumeration of file names and traversal of directories by observing the error messages GSA_kwCzR0hTQS1tcTkyLWpyMzUtZmZwY84ABAJB

pypi open-webui
Moderate
about 1 year ago

Open WebUI Stored Cross-Site Scripting Vulnerability GSA_kwCzR0hTQS01anAzLXdwNXYtNTM2M84AA-fH

pypi open-webui

Filter by Severity

High 15 Moderate 9 Low 1