Lucene search
PRIOn knowledge basePRION:CVE-2021-43831HistoryDec 15, 2021 - 8:15 p.m.
Design/Logic Flaw
2021-12-1520:15:00
PRIOn knowledge base
www.prio-n.com
3
Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio link can access any files on the host computer if they know the file names or file paths. This is limited only by the host operating system. Paths are opened in read only mode. The problem has been patched in gradio 2.5.0.
Related
cve
cve
CVE-2021-43831
2021-12-15 20:15:08
cvelist
cvelist
nuclei
nuclei
Gradio < 2.5.0 - Arbitrary File Read
2024-06-15 12:43:59
veracode
veracode
Path Traversal
2021-12-16 04:58:38
osv
osv
CVE-2021-43831
2021-12-15 20:15:08
PYSEC-2021-873
2021-12-15 20:15:00
Files on the host computer can be accessed from the Gradio interface
2022-01-21 23:43:33
github
github
Files on the host computer can be accessed from the Gradio interface
2022-01-21 23:43:33
cnvd
cnvd
Gradio path traversal vulnerability
2021-12-17 00:00:00
nvd
nvd
CVE-2021-43831
2021-12-15 20:15:08