Vulmon
gradio project gradio vulnerabilities and exploits
NA
CVE-2024-0964
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request.
Gradio Project Gradio -
1 Github repository
NA
CVE-2023-51449
Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitrary Python function. Versions of `gradio` before 4.11.0 contained a vulnerability in the `/file` route which made them susceptible ...
Gradio Project Gradio
NA
CVE-2023-6572
Command Injection in GitHub repository gradio-app/gradio prior to main.
Gradio Project Gradio
NA
CVE-2023-41626
Gradio v3.27.0 contains an arbitrary file upload vulnerability via the /upload interface.
Gradio Project Gradio 3.27.0
NA
CVE-2023-34239
Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering, Gradio does not properly restrict file access to users. Additionally, Gradio does not properly restrict what URLs are proxied. These issues have bee...
Gradio Project Gradio
NA
CVE-2023-25823
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions before 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private ...
Gradio Project Gradio
6.8
CVSSv2
CVE-2022-24770
`gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output da...
Gradio Project Gradio
3.5
CVSSv2
CVE-2021-43831
Gradio is an open source framework for building interactive machine learning models and demos. In versions before 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio lin...
Gradio Project Gradio