Vulnerabilities > Mudler
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-29 | CVE-2024-6868 | Unspecified vulnerability in Mudler Localai 2.17.1 mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. | 9.8 |
2024-10-29 | CVE-2024-7010 | Information Exposure Through Discrepancy vulnerability in Mudler Localai 2.17.1 mudler/localai version 2.17.1 is vulnerable to a Timing Attack. | 5.9 |
2024-07-06 | CVE-2024-6095 | Unspecified vulnerability in Mudler Localai A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). | 5.8 |
2024-06-20 | CVE-2024-5182 | Unspecified vulnerability in Mudler Localai A path traversal vulnerability exists in mudler/localai version 2.14.0, where an attacker can exploit the `model` parameter during the model deletion process to delete arbitrary files. | 9.1 |