6 matches found
Withdrawn Advisory: Gradio was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py
Withdrawn Advisory This advisory has been withdrawn because the it only affects a user who runs specifically crafted code that happens to use gradio library. More information can be found here. Original Description Gradio v4.36.1 was discovered to contain a code injection vulnerability via the...
CVE-2024-39236
Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/componentmeta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes this because the report is about a user attacking himself...
CVE-2024-39236
Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/componentmeta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes this because the report is about a user attacking himself...
PYSEC-2024-274
Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/componentmeta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes this because the report is about a user attacking himself...
CVE-2024-39236
Gradio v4.36.1 contains a code-injection vulnerability in the component /gradio/component_meta.py, triggered by crafted input. The CVE details indicate a high-severity issue (CVSS 3.1: 9.8, CRITICAL) with potential impact on confidentiality, integrity, and availability. Red Hat and SUSE entries c...
CVE-2024-39236
Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/componentmeta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes this because the report is about a user attacking himself...