GO-2024-3253
- Source
- https://pkg.go.dev/vuln/GO-2024-3253
- Import Source
- https://vuln.go.dev/ID/GO-2024-3253.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GO-2024-3253
- Aliases
-
- CVE-2024-48057
- GHSA-ghx4-cgxw-7h9p
- Published
- 2024-11-06T17:21:43Z
- Modified
- 2024-11-06T17:57:04.923989Z
- Summary
- LocalAI Cross-site Scripting vulnerability in github.com/mudler/LocalAI
- Details
-
LocalAI Cross-site Scripting vulnerability in github.com/mudler/LocalAI
- Database specific
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-3253" }- References
-
- https://github.com/advisories/GHSA-ghx4-cgxw-7h9p
- https://nvd.nist.gov/vuln/detail/CVE-2024-48057
- https://gist.github.com/AfterSnows/1bd7ee5a3a42dbb5f5ff67f7f9c8ccec
- https://github.com/mudler/LocalAI/blob/master/core/http/views/index.html#L75
- https://rumbling-slice-eb0.notion.site/LocalAI-deleted-model-with-storage-XSS-CSRF-vulnerability-in-mudler-localai-101e3cda9e8c80e0ac12fe418d5dd982?pvs=4
Affected packages
Go / github.com/mudler/LocalAI
Package
- Name
- github.com/mudler/LocalAI
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/mudler/LocalAI