Cristliu

**Name of the Vulnerable Software and Affected Versions** Ollama versions prior to 0.12.3 **Description** A critical issue allows attackers to bypass authentication in the Ollama platform. The platform exposes API endpoints without authentication requirements, allowing remote attackers to perform unauthorized model management operations. **Recommendations** Update to a version later than 0.12.3.

**Name of the Vulnerable Software and Affected Versions** Open-WebUI versions through 0.6.32 **Description** An authentication bypass exists in the `/api/config` endpoint of Open-WebUI. The endpoint does not have sufficient authentication and authorization controls, potentially allowing unauthenticated remote attackers to access sensitive system configuration data. The vulnerable endpoint is `/api/config`. **Recommendations** Versions prior to 0.6.32 are affected.

**Name of the Vulnerable Software and Affected Versions** Dify version 1.9.1 **Description** A Cross-Origin Resource Sharing (CORS) misconfiguration exists in the `/console/api/system-features` endpoint. The endpoint has an overly permissive CORS policy that reflects arbitrary Origin headers and sets `Access-Control-Allow-Credentials` to true, potentially allowing any external domain to make authenticated cross-origin requests. **Recommendations** Apply a restrictive CORS policy to the `/console/api/system-features` endpoint to only allow requests from trusted origins.

**Name of the Vulnerable Software and Affected Versions** Dify version 1.9.1 **Description** A Cross-Origin Resource Sharing (CORS) misconfiguration exists in the `/console/api/setup` endpoint. The endpoint has an insecure CORS policy that reflects any Origin header and allows Access-Control-Allow-Credentials: true, which allows external domains to make authenticated requests. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/console/api/setup` endpoint to authorized origins only.

**Name of the Vulnerable Software and Affected Versions** Dify versions through 1.5.1 **Description** The Dify application contains default credentials for PostgreSQL. The PostgreSQL username and password are specified in the `docker-compose.yaml` file included in the application's source code. The supplier indicates that the Docker configuration does not expose PostgreSQL (on TCP port 5432) by default in version 1.0.1 or later. **Recommendations** Versions prior to 1.0.1 should have their `docker-compose.yaml` file reviewed and the default PostgreSQL username and password changed. Versions 1.0.1 and later should verify the Docker configuration does not expose PostgreSQL on TCP port 5432.

**Name of the Vulnerable Software and Affected Versions** Dify version 1.9.1 **Description** Dify version 1.9.1 has an issue with insecure permissions. An attacker who is not authenticated can send HTTP GET requests to the `/console/api/system-features` API endpoint without providing any authentication. The endpoint does not properly verify authorization, allowing unauthorized access to sensitive system configuration data. Approximately 85,000 instances have been identified online over the past year. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/console/api/system-features` endpoint.