Security Advisories
Browse security advisories and track which Dependabot PRs address them.
24,785
Total Advisories
1,792
With Dependabot PRs
3,506
Critical Severity
8,617
High Severity
H2O Vulnerable to Arbitrary File Overwrite
GHSA-g48v-3p35-88jr CVE-2024-8616 HIGH 8 months ago
In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability ar...
maven
pypi
No PRs yet
AgentScope arbitrary file download vulnerability in rpc_agent_client
GHSA-p6h7-hfj2-vmcf CVE-2024-8501 HIGH 8 months ago
An arbitrary file download vulnerability exists in the rpc_agent_client component of modelscope/agentscope version v0.0.4. This vulnerability allow...
pypi
No PRs yet
Aim path traversal in LockManager.release_locks
GHSA-4qcx-jx49-6qrh CVE-2024-8769 CRITICAL 8 months ago
A vulnerability in the `LockManager.release_locks` function in aimhubio/aim (commit bb76afe) allows for arbitrary file deletion through relative pa...
pypi
No PRs yet
Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions
GHSA-ff5c-56m7-vc75 CVE-2024-8060 HIGH 8 months ago
OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint `/audio/api/v1/transcriptions` that allows for arbitrary file upload. Th...
pypi
No PRs yet
Open WebUI stored cross-site scripting (XSS) vulnerability
GHSA-gj27-76gq-5v3p CVE-2024-7990 HIGH 8 months ago
A stored cross-site scripting (XSS) vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the `/api/v1/model...
pypi
No PRs yet
Prefect CORS (Cross-Origin Resource Sharing) misconfiguration
GHSA-4v9f-r55g-g6hc CVE-2024-8183 HIGH 8 months ago
A CORS (Cross-Origin Resource Sharing) misconfiguration in prefecthq/prefect prior to version 3.0.3 allows unauthorized domains to access sensitive...
pypi
No PRs yet
Aim allows denial of service due to no timeouts for some tracking server endpoints
GHSA-6w7p-xrvp-p7xv CVE-2024-8061 HIGH 8 months ago
In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, causing the server to wait ind...
pypi
No PRs yet
Aim Improper Access Control
GHSA-r229-5wgf-f28g CVE-2024-8238 MODERATE 8 months ago
In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safer_getattr() function from RestrictedPython. This ve...
pypi
No PRs yet
Open WebUI lacks authentication for the `api/v1/utils/pdf` endpoint
GHSA-9vf8-xgwm-97r8 CVE-2024-8053 HIGH 8 months ago
In version v0.3.10 of open-webui/open-webui, the `api/v1/utils/pdf` endpoint lacks authentication mechanisms, allowing unauthenticated attackers to...
pypi
No PRs yet
PyTorch Lightning denial of service vulnerability
GHSA-98fp-7v67-4v3q CVE-2024-8020 HIGH 8 months ago
A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST reque...
pypi
No PRs yet
Gradio Vulnerable to Open Redirect
GHSA-7v2w-h4gh-w5cv CVE-2024-8021 MODERATE 8 months ago
An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malic...
pypi
No PRs yet
Open WebUI denial of service through endpoint for converting markdown
GHSA-5v9m-57mq-qc75 CVE-2024-7983 HIGH 8 months ago
In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown paylo...
pypi
No PRs yet
H2O Vulnerable to Denial of Service (DoS) via `HEAD` Request
GHSA-5c8j-g96x-cj78 CVE-2024-8062 HIGH 8 months ago
A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a `HEAD` request to v...
maven
pypi
No PRs yet
Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF)
GHSA-p5vx-9hj8-cf4h CVE-2024-7035 MODERATE 8 months ago
In version v0.3.8 of open-webui/open-webui, sensitive actions such as deleting and resetting are performed using the GET method. This vulnerability...
pypi
No PRs yet
H2O Vulnerable to Denial of Service (DoS) via `/3/ImportFiles` Endpoint
GHSA-p2vc-m5fv-9w9m CVE-2024-7768 HIGH 8 months ago
A vulnerability in the `/3/ImportFiles` endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes ...
maven
pypi
No PRs yet
H2O Vulnerable to Denial of Service (DoS) via Large GZIP Parsing
GHSA-6w62-3jvj-mfj6 CVE-2024-7765 HIGH 8 months ago
In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The...
maven
pypi
No PRs yet
Open WebUI Has Improper Access Control Leading to Arbitrary Prompt Read
GHSA-c7fq-p62p-wvpc CVE-2024-7045 MODERATE 8 months ago
In version v0.3.8 of open-webui/open-webui, improper access control vulnerabilities allow an attacker to view any prompts. The application does not...
pypi
No PRs yet
Open Neural Network Exchange (ONNX) Path Traversal Vulnerability
GHSA-h36j-8vv3-cj52 CVE-2024-7776 HIGH 8 months ago
A vulnerability in the `download_model` function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwri...
pypi
No PRs yet
PyTorch Lightning path traversal vulnerability
GHSA-4cv3-v7pv-rfhf CVE-2024-8019 CRITICAL 8 months ago
In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the `LightningApp` when running on a Windows host. The vulnerability occ...
pypi
No PRs yet
Open WebUI Cross-Site Request Forgery (CSRF) Vulnerability
GHSA-85jc-8h5p-8vw8 CVE-2024-7806 HIGH 8 months ago
A vulnerability in open-webui/open-webui versions <= 0.3.8 allows remote code execution by non-admin users via Cross-Site Request Forgery (CSRF). T...
pypi
No PRs yet
Open WebUI Allows Viewing of Admin Details
GHSA-gv26-qw3h-8qvp CVE-2024-7046 MODERATE 8 months ago
An improper access control vulnerability in open-webui/open-webui v0.3.8 allows an attacker to view admin details. The application does not verify ...
pypi
No PRs yet
Open WebUI has SSRF in /openai/models
GHSA-x757-hv69-jr45 CVE-2024-7959 HIGH 8 months ago
The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change th...
pypi
No PRs yet
Open WebUI Vulnerable to a Session Fixation Attack
GHSA-43g4-487m-5q6m CVE-2024-7053 HIGH 8 months ago
A vulnerability in open-webui/open-webui version 0.3.8 allows an attacker with a user-level account to perform a session fixation attack. The sessi...
pypi
No PRs yet
Aim vulnerable to Cross-Site Request Forgery
GHSA-38r9-3j52-h92v CVE-2024-7760 HIGH 8 months ago
aimhubio/aim version 3.22.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the tracking server. The vulnerability is due to overly p...
pypi
No PRs yet
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file
GHSA-6wj5-5pgr-jwq8 HIGH 8 months ago
A vulnerability in open-webui/open-webui version 79778fa allows an attacker to cause a Denial of Service (DoS) by uploading a file with a malformed...
pypi
No PRs yet
Aim Path Traversal vulnerability
GHSA-mrvr-7493-pfq3 CVE-2024-6851 HIGH 8 months ago
In version 3.22.0 of aimhubio/aim, the LocalFileManager._cleanup function in the aim tracking server accepts a user-specified glob-pattern for dele...
pypi
No PRs yet
Open WebUI Allows Arbitrary File Reading and Deletion
GHSA-jrhc-9qg9-4qfq CVE-2024-7043 HIGH 8 months ago
An improper access control vulnerability in open-webui/open-webui v0.3.8 allows attackers to view and delete any files. The application does not ve...
pypi
No PRs yet
H2O Vulnerable to Arbitrary File Overwrite via File Export
GHSA-47f6-5p7h-5f3h CVE-2024-6854 HIGH 8 months ago
In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to a...
maven
pypi
No PRs yet
LiteLLM Vulnerable to Remote Code Execution (RCE)
GHSA-53gh-p8jc-7rg8 CVE-2024-6825 HIGH 8 months ago
BerriAI/litellm version 1.40.12 contains a vulnerability that allows remote code execution. The issue exists in the handling of the 'post_call_rule...
pypi
No PRs yet
LoLLMS Code Injection vulnerability
GHSA-jccx-m9v4-9hwh CVE-2024-6982 HIGH 8 months ago
A remote code execution vulnerability exists in the Calculate function of parisneo/lollms version 9.8. The vulnerability arises from the use of Pyt...
pypi
2
Dependabot PRs
Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint
GHSA-crh6-pj8c-xrhc CVE-2024-7034 MODERATE 8 months ago
In open-webui version 0.3.8, the endpoint `/models/upload` is vulnerable to arbitrary file write due to improper handling of user-supplied filename...
pypi
No PRs yet
Open WebUI Allows Arbitrary File Write via the `download_model` Endpoint
GHSA-3p9q-7w63-3f8q CVE-2024-7033 MODERATE 8 months ago
In version 0.3.8 of open-webui/open-webui, an arbitrary file write vulnerability exists in the download_model endpoint. When deployed on Windows, t...
pypi
No PRs yet
Aim External Control of File Name or Path vulnerability
GHSA-75px-35p4-qq6h CVE-2024-6829 CRITICAL 8 months ago
A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the `tarfile.extractall()` function to extract the contents of a malic...
pypi
No PRs yet
MLflow Uncontrolled Resource Consumption vulnerability
GHSA-q3gw-8236-5jw4 CVE-2024-6838 MODERATE 8 months ago
In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in i...
pypi
No PRs yet
H2O Vulnerable to Execution of Arbitrary Files
GHSA-m37h-8r48-2cxj CVE-2024-6863 MODERATE 8 months ago
In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key...
maven
pypi
No PRs yet
Open WebUI Vulnerable to Cross-Site Scripting (XSS) via Chat File Upload
GHSA-j274-m559-cj4j CVE-2024-7044 MODERATE 8 months ago
A Stored Cross-Site Scripting (XSS) vulnerability exists in the chat file upload functionality of open-webui/open-webui version 0.3.8. An attacker ...
pypi
No PRs yet
Gunicorn HTTP Request/Response Smuggling vulnerability
GHSA-hc5x-x2vx-497g CVE-2024-6827 HIGH 8 months ago
Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to th...
pypi
No PRs yet
Open WebUI Uncontrolled Resource Consumption vulnerability
GHSA-wcwp-9rcp-jvfg CVE-2024-7036 HIGH 8 months ago
A vulnerability in open-webui/open-webui v0.3.8 allows an unauthenticated attacker to sign up with excessively large text in the 'name' field, caus...
pypi
No PRs yet
TorchServe script references S3 bucket without ensuring ownership or confirming accessibility
GHSA-xx7c-j7h3-vjcq CVE-2024-6577 MODERATE 8 months ago
In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring i...
pypi
No PRs yet
Open WebUI Allows Admin Deletion via API Endpoint
GHSA-pqwr-phvv-v49f CVE-2024-7039 HIGH 8 months ago
In open-webui/open-webui version v0.3.8, there is an improper privilege management vulnerability. The application allows an attacker, acting as an ...
pypi
No PRs yet
Flask-CORS improper regex path matching vulnerability
GHSA-7rxf-gvfg-47g4 CVE-2024-6839 MODERATE 8 months ago
corydolphin/flask-cors version 5.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more...
pypi
1401
Dependabot PRs
20%
Merged
Flask-CORS vulnerable to Improper Handling of Case Sensitivity
GHSA-43qf-4rqw-9q2g CVE-2024-6866 MODERATE 8 months ago
corydolphin/flask-cors version 5.0.1 contains a vulnerability where the request path matching is case-insensitive due to the use of the `try_match`...
pypi
1401
Dependabot PRs
20%
Merged
Flask-CORS allows for inconsistent CORS matching
GHSA-8vgw-p6qm-5gr7 CVE-2024-6844 MODERATE 8 months ago
A vulnerability in corydolphin/flask-cors version 5.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths...
pypi
1403
Dependabot PRs
20%
Merged
LlamaIndex Uncontrolled Resource Consumption vulnerability
GHSA-jvpf-xf32-2w4q CVE-2024-12910 MODERATE 8 months ago
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index repository, version latest, allows an attacker to cause a Denial...
pypi
No PRs yet
LlamaIndex vulnerable to Creation of Temporary File in Directory with Insecure Permissions
GHSA-jmgm-gx32-vp4w CVE-2024-12911 HIGH 8 months ago
A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection...
pypi
No PRs yet
Aim Relative Path Traversal vulnerability
GHSA-p6x3-v6g3-7557 CVE-2024-6483 MODERATE 8 months ago
A vulnerability in the `runs/delete-batch` endpoint of aimhubio/aim version 3.19.3 allows for arbitrary file or directory deletion through path tra...
pypi
No PRs yet
llama-index-packs-finchat SQL Injection vulnerability
GHSA-x48g-hm9c-ww42 CVE-2024-12909 CRITICAL 8 months ago
A vulnerability in the FinanceChatLlamaPack of the llama-index-packs-finchat package, versions up to v0.3.0, allows for SQL injection in the `run_s...
pypi
No PRs yet
Aim Uncontrolled Resource Consumption vulnerability
GHSA-35p3-6j45-prwm CVE-2024-12778 HIGH 8 months ago
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service (DoS) attack. The issue arises when a large number of tracked metrics...
pypi
No PRs yet
Open WebUI has vulnerable dependency on starlette via fastapi
GHSA-w466-2wfc-8g58 HIGH 8 months ago
In version 0.3.32 of open-webui, the application uses a vulnerable version of the starlette package through its dependency on fastapi. The starlett...
pypi
No PRs yet
Open WebUI Uncontrolled Resource Consumption vulnerability
GHSA-g3mx-83mp-3rwc CVE-2024-12534 HIGH 8 months ago
In version v0.3.32 of open-webui/open-webui, the application allows users to submit large payloads in the email and password fields during the sign...
npm
pypi
No PRs yet