This CVE has been withdrawn by MITRE
MITRE marked CVE-2024-7959 as REJECTED on . There is no longer a valid blast radius to assess. Any historical package or vendor data shown below is preserved for audit reference only.
Reason given by MITRE
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-7959 Blast Radius
✕ WITHDRAWN — HISTORICAL DATAThe `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the O…