Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gradio project gradio - vulnerabilities and exploits
(subscribe to this query)
9.4
CVSSv3
CVE-2024-0964
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request.
Gradio Project Gradio -
1 Github repository
7.5
CVSSv3
CVE-2023-51449
Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of `gradio` before 4.11.0 contained a vulnerability in the `/file` route which made them susceptible ...
Gradio Project Gradio
8.1
CVSSv3
CVE-2023-6572
Command Injection in GitHub repository gradio-app/gradio prior to main.
Gradio Project Gradio
4.8
CVSSv3
CVE-2023-41626
Gradio v3.27.0 exists to contain an arbitrary file upload vulnerability via the /upload interface.
Gradio Project Gradio 3.27.0
9.1
CVSSv3
CVE-2023-34239
Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have bee...
Gradio Project Gradio
9.8
CVSSv3
CVE-2023-25823
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions before 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private ...
Gradio Project Gradio
8.8
CVSSv3
CVE-2022-24770
`gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output da...
Gradio Project Gradio
7.7
CVSSv3
CVE-2021-43831
Gradio is an open source framework for building interactive machine learning models and demos. In versions before 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio lin...
Gradio Project Gradio
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started