Количество 2
Количество 2
CVE-2024-7983
In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until the conversion is complete.
GHSA-5v9m-57mq-qc75
Open WebUI denial of service through endpoint for converting markdown
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-7983 In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until the conversion is complete. | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
| GHSA-5v9m-57mq-qc75 Open WebUI denial of service through endpoint for converting markdown | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу