Lucene search
China National Vulnerability DatabaseCNVD-2022-21540HistoryMar 18, 2022 - 12:00 a.m.
gradio arbitrary code injection vulnerability
2022-03-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.002 Low
EPSS
Percentile
59.3%
gradio is an open source framework. gradio is vulnerable to arbitrary code injection. The vulnerability automatically runs these commands and can be exploited by an attacker to run arbitrary commands on a user’s computer.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gradio gradio | lt | 2.8.11 |
Related
cve
cve
CVE-2022-24770
2022-03-17 21:15:08
prion
prion
Input validation
2022-03-17 21:15:00
nvd
nvd
CVE-2022-24770
2022-03-17 21:15:08
osv
osv
PYSEC-2022-229
2022-03-17 21:15:00
CVE-2022-24770
2022-03-17 21:15:08
Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging
2022-03-18 23:11:43
github
github
Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging
2022-03-18 23:11:43
veracode
veracode
Command Injection
2022-03-18 12:15:42
cvelist
cvelist