{"data":{"id":"bd9fd3c9-73e1-4cb4-9b4c-46a5074e7fc5","title":"CVE-2024-7959: The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF)","summary":"The `/openai/models` endpoint in open-webui version 0.3.8 has a Server-Side Request Forgery vulnerability (SSRF, a flaw where an attacker tricks a server into making requests to unintended locations). An attacker can set the OpenAI URL to an arbitrary address, which the server does not validate; the endpoint then sends a request to that URL and returns the response, potentially exposing internal services and secrets.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-7959","publishedAt":"2025-03-20T14:15:38.257Z","cveId":"CVE-2024-7959","cweIds":["CWE-918"],"cvssScore":"7.7","cvssSeverity":"high","severity":"high","attackType":["rag_poisoning"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["open-webui"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00355,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-664"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}