Количество 3
Количество 3
CVE-2024-48057
localai <=2.20.1 is vulnerable to Cross Site Scripting (XSS). When calling the delete model API and passing inappropriate parameters, it can cause a one-time storage XSS, which will trigger the payload when a user accesses the homepage.
GHSA-ghx4-cgxw-7h9p
LocalAI Cross-site Scripting vulnerability
SUSE-SU-2024:4042-1
Security update for govulncheck-vulndb
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-48057 localai <=2.20.1 is vulnerable to Cross Site Scripting (XSS). When calling the delete model API and passing inappropriate parameters, it can cause a one-time storage XSS, which will trigger the payload when a user accesses the homepage. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
| GHSA-ghx4-cgxw-7h9p LocalAI Cross-site Scripting vulnerability | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | SUSE-SU-2024:4042-1 Security update for govulncheck-vulndb | около 1 года назад |
Уязвимостей на страницу