Lucene search
GoogleOSV:GHSA-V4Q9-QGQF-7JWPHistorySep 16, 2023 - 12:30 a.m.
Gradio arbitrary file upload vulnerability
2023-09-1600:30:30
Google
osv.dev
4
gradio v3.27.0
arbitrary file upload
/upload interface
software
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
28.0%
Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the /upload interface.
Related
cvelist
cvelist
CVE-2023-41626
2023-09-15 00:00:00
veracode
veracode
Arbitrary File Upload
2023-10-09 05:03:42
osv
osv
CVE-2023-41626
2023-09-15 23:15:07
github
github
Gradio arbitrary file upload vulnerability
2023-09-16 00:30:30
prion
prion
Design/Logic Flaw
2023-09-15 23:15:00
vulnrichment
vulnrichment
CVE-2023-41626
2023-09-15 00:00:00
cve
cve
CVE-2023-41626
2023-09-15 23:15:07
nvd
nvd
CVE-2023-41626
2023-09-15 23:15:07
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
28.0%
Related for OSV:GHSA-V4Q9-QGQF-7JWP