4 matches found
Exploit for Path Traversal in Gradio_Project Gradio
CVE-2024-1728 CVE-2024-1728 POC A serious vulnerability has be...
GHSA-M842-4QM8-7GPQ Gradio allows users to access arbitrary files
Impact This vulnerability allows users of Gradio applications that have a public link such as on Hugging Face Spaces to access files on the machine hosting the Gradio application. This involves intercepting and modifying the network requests made by the Gradio app to the server. Patches Yes, the...
CVE-2024-1728 Local File Inclusion in gradio-app/gradio
gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in t...
CVE-2024-1728 Local File Inclusion in gradio-app/gradio
gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in t...