Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2025/05/29 3:31 p.m.4 views

ace-step (=0.1.0), ambientagi (>=0.1.1 <=0.2.12) +39 more potentially affected by CVE-2025-5320 via gradio (>=5.0.0 <=5.29.1)

gradio PYPI version =5.0.0, =0.1.1, =0.0.1, =1.0.1, =0.1.2, =0.0.5, =0.0.2, =0.1.0, =2.0.0, =1.1.8b3, =1.0.0, =2025.1.24, =0.3.0, =0.6.3 and more Source cves: CVE-2025-5320 Source advisory: OSV:GHSA-WMJH-CPQJ-4V6X...

6.3CVSS5.7AI score0.00224EPSS
Exploits0
NVD
NVD
added 2025/05/29 2:15 p.m.16 views

CVE-2025-5320

A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function isvalidorigin of the component CORS Handler. The manipulation of the argument localhostaliases leads to erweiterte Rechte. It is possible to initiate the attack remotely. The...

6.3CVSS0.00224EPSS
Exploits0References5
CVE
CVE
added 2025/05/29 1:31 p.m.63 views

CVE-2025-5320

CVE-2025-5320 affects gradio-app/gradio up to version 5.29.1. The vulnerability lies in the CORS Handler’s is_valid_origin function, where manipulating the localhost_aliases argument can lead to an origin validation error and potential privilege escalation. Exploitation is described as remote wit...

6.3CVSS4AI score0.00224EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/05/29 1:31 p.m.11 views

CVE-2025-5320 gradio-app gradio CORS is_valid_origin privilege escalation

A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function isvalidorigin of the component CORS Handler. The manipulation of the argument localhostaliases leads to erweiterte Rechte. It is possible to initiate the attack remotely. The...

6.3CVSS4AI score0.00224EPSS
Exploits0References5
Rows per page
Query Builder