CVE-2024-7037 | open-webui up to 0.3.8 /api/pipelines/upload path traversal

Posted by Angelo Barbosa | Oct 9, 2024 | CVE

A vulnerability, which was classified as problematic, was found in open-webui up to 0.3.8. Affected is an unknown function of the file /api/pipelines/upload. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-7037. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-7037 | open-webui up to 0.3.8 /api/pipelines/upload path traversal

Related Posts

CVE-2024-37164 | cvat-ai cvat up to 2.14.2 server-side request forgery

CVE-2024-43934 | Robert Felty Collapsing Archives Plugin up to 3.0.5 on WordPress cross site scripting

CVE-2024-34502 | MediaWiki up to 1.39.5/1.40.1/1.41.0 WikibaseLexeme Special:MergeLexemes access control

CVE-2023-52350 | Unisoc S8000 Ril Service out-of-bounds write