Always-Incorrect Control Flow Implementation

gradio is vulnerable to Always-Incorrect Control Flow Implementation. The vulnerability is due to the improper handling of the enablemonitoring flag. An attacker can access sensitive application analytics by directly requesting the /monitoring endpoint...

PYSEC-2024-198

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to the enablemonitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user can still access th...

Always-Incorrect Control Flow Implementation

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to the improper handling of the enablemonitoring flag. An attacker can access sensitive application...

PT-2024-32451 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 4.44 Description: This issue involves data exposure due to the enable monitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user...

UBUNTU-CVE-2016-7067

Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service...

CVE-2015-4355

Cross-site request forgery CSRF vulnerability in the Watchdog Aggregator module for Drupal allows remote attackers to hijack the authentication of administrators for requests that enable or disable monitoring sites via unspecified vectors...