Submit #778266: Weights and Biases OpenUI <= 1.0 (commit f9d8f0e) Generation of Error Message Containing Sensitive Information (CWE-209)info

TitelWeights and Biases OpenUI <= 1.0 (commit f9d8f0e) Generation of Error Message Containing Sensitive Information (CWE-209)
Beschreibung# Technical Details A Verbose Error Message Information Leak vulnerability exists in the global exception handler in `backend/openui/server.py` of Weights and Biases OpenUI. The generic_exception_handler at line 265 returns raw Python exception strings directly to clients in JSON error responses via f"Internal Server Error: {exc}". When an upstream LLM provider rejects a configured API key, the full error body (including the key value) is relayed back to the user via the APIStatusError handler at lines 209-215. In local/Docker mode, authentication is automatic, making this exploitable by any network-adjacent attacker. # Vulnerable Code File: backend/openui/server.py (lines 265-278, 209-215, 355-358) Method: generic_exception_handler(), chat_completions error handling, OAuth callback Why: Raw exception objects are formatted into HTTP responses using f-strings. APIStatusError.message containing upstream API key info is forwarded verbatim. OAuth callback sets raw str(e) as browser cookie. # Reproduction 1. Start OpenUI via Docker. Get auto-issued session: curl -s -c /tmp/cookies.txt http://localhost:7878/v1/session 2. Trigger internal error: POST /v1/chat/completions with {"messages":[...]} (omitting "model") — leaks Python internals. 3. Trigger API key leak: POST /v1/chat/completions with {"model":"gpt-3.5-turbo",...} when upstream key is invalid — response includes the API key. # Impact - Upstream LLM API key exposure (OpenAI, Groq, custom providers). - Internal server structure reconnaissance (filesystem paths, package versions). - Credential exposure enabling further attacks.
Quelle⚠️ https://gist.github.com/YLChen-007/8c6ff147186855e4b716e7526de213e1
Benutzer
 Eric-b (UID 96354)
Einreichung12.03.2026 02:49 (vor 18 Tagen)
Moderieren27.03.2026 14:48 (15 days later)
StatusAkzeptiert
VulDB Eintrag353881 [wandb OpenUI bis 1.0/3.5-turb APIStatusError backend/openui/server.py generic_exception_handler key Information Disclosure]
Punkte20

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!