VYPR
Unrated severityNVD Advisory· Published Apr 16, 2024· Updated Aug 2, 2024

Open WebUI vulnerable to server-side request forgery in utils.py

CVE-2024-30256

Description

Open WebUI is a user-friendly WebUI for LLMs. Open-webui is vulnerable to authenticated blind server-side request forgery. This vulnerability is fixed in 0.1.117.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Openwebui/Open Webuillm-fuzzy2 versions
    <0.1.117+ 1 more
    • (no CPE)range: <0.1.117
    • (no CPE)range: < 0.1.117

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.