Vulnerabilities > Openwebui > Open Webui > 0.3.10

DATE CVE VULNERABILITY TITLE RISK
2025-03-20 CVE-2024-8053 Missing Authentication for Critical Function vulnerability in Openwebui Open Webui 0.3.10
In version v0.3.10 of open-webui/open-webui, the `api/v1/utils/pdf` endpoint lacks authentication mechanisms, allowing unauthenticated attackers to access the PDF generation service.
network
low complexity
openwebui CWE-306
8.2