Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6707 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | N/A | 8.8 HIGH |
| Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. | |||||
| CVE-2024-6706 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | N/A | 6.1 MEDIUM |
| Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page. | |||||