open-webui Security Advisories - Pypi | Ecosyste.ms: Advisories

open-webui

Open WebUI

View on github.com · View on pypi.org

High Security Advisories for open-webui in pypi Clear Filters

High

3 days ago

Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web GSA_kwCzR0hTQS1jNnh2LXJjdnctdjY4Nc4ABPMW

pypi open-webui

High

30 days ago

Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events GSA_kwCzR0hTQS1jbTM1LXY0dnAtNXh2eM4ABOUA

pypi, npm open-webui

High

30 days ago

Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE GSA_kwCzR0hTQS13N3hqLThmeDctd2ZjaM4ABOT2

pypi, npm open-webui

High

9 months ago

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability GSA_kwCzR0hTQS01Y2NmLTg4NHAtNGpqcc4ABFuM

pypi, npm open-webui

High

9 months ago

Open WebUI denial of service through endpoint for converting markdown GSA_kwCzR0hTQS01djltLTU3bXEtcWM3Nc4ABFuU

pypi open-webui

High

9 months ago

Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions GSA_kwCzR0hTQS1mZjVjLTU2bTctdmM3Nc4ABFuo

pypi open-webui

High

9 months ago

Open WebUI stored cross-site scripting (XSS) vulnerability GSA_kwCzR0hTQS1najI3LTc2Z3EtNXYzcM4ABFuT

pypi open-webui

High

9 months ago

Open WebUI lacks authentication for the `api/v1/utils/pdf` endpoint GSA_kwCzR0hTQS05dmY4LXhnd20tOTdyOM4ABFul

pypi open-webui

High

9 months ago

Open WebUI Vulnerable to a Session Fixation Attack GSA_kwCzR0hTQS00M2c0LTQ4N20tNXE2bc4ABFsV

pypi open-webui

High

9 months ago

Open WebUI has SSRF in /openai/models GSA_kwCzR0hTQS14NzU3LWh2NjktanI0Nc4ABFsb

pypi open-webui

High

9 months ago

Open WebUI Cross-Site Request Forgery (CSRF) Vulnerability GSA_kwCzR0hTQS04NWpjLThoNXAtOHZ3OM4ABFsd

pypi open-webui

High

9 months ago

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file GSA_kwCzR0hTQS02d2o1LTVwZ3ItandxOM4ABFsa

pypi open-webui

High

9 months ago

Open WebUI Allows Arbitrary File Reading and Deletion GSA_kwCzR0hTQS1qcmhjLTlxZzktNHFmcc4ABFtv

pypi open-webui

High

9 months ago

Open WebUI Allows Admin Deletion via API Endpoint GSA_kwCzR0hTQS1wcXdyLXBodnYtdjQ5Zs4ABFt_

pypi open-webui

High

9 months ago

Open WebUI Uncontrolled Resource Consumption vulnerability GSA_kwCzR0hTQS13Y3dwLTlyY3AtanZmZ84ABFty

pypi open-webui

High

9 months ago

Open WebUI has vulnerable dependency on starlette via fastapi GSA_kwCzR0hTQS13NDY2LTJ3ZmMtOGc1OM4ABFsA

pypi open-webui

High

9 months ago

Open WebUI Uncontrolled Resource Consumption vulnerability GSA_kwCzR0hTQS1nM214LTgzbXAtM3J3Y84ABFtM

npm, pypi open-webui

High

9 months ago

Open WebUI Uncontrolled Resource Consumption vulnerability GSA_kwCzR0hTQS1jaGY3LXE3bTUtZnE5Ms4ABFtX

npm, pypi open-webui

Filter by Severity

High 18 Moderate 9 Low 2