L1Uyi

**Name of the Vulnerable Software and Affected Versions** open-webui version 0.5.16 **Description** The issue concerns a Server-Side Request Forgery (SSRF) vulnerability. It is located in the routers/ollama.py file, specifically in the `verify connection()` function. **Recommendations** For open-webui version 0.5.16, consider restricting access to the `verify connection()` function in routers/ollama.py until a patch is available. As a temporary workaround, disabling the `verify connection()` function may help minimize the risk of exploitation.