Vulnerabilities > Mudler

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-29	CVE-2024-6868	Unspecified vulnerability in Mudler Localai 2.17.1 mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. network low complexity mudler critical	9.8
2024-10-29	CVE-2024-7010	Information Exposure Through Discrepancy vulnerability in Mudler Localai 2.17.1 mudler/localai version 2.17.1 is vulnerable to a Timing Attack. network high complexity mudler CWE-203	5.9
2024-07-06	CVE-2024-6095	Server-Side Request Forgery (SSRF) vulnerability in Mudler Localai A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). network low complexity mudler CWE-918	5.8
2024-06-20	CVE-2024-5182	Path Traversal vulnerability in Mudler Localai A path traversal vulnerability exists in mudler/localai version 2.14.0, where an attacker can exploit the `model` parameter during the model deletion process to delete arbitrary files. network low complexity mudler CWE-22 critical	9.1

Vulnerabilities > Mudler {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mudler"}]}