Regular Expression Denial of Service (ReDoS)

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the gr.Datetime component. An attacker can cause the server to consume excessive CPU resources and...

CVE-2024-10624

A Regular Expression Denial of Service ReDoS vulnerability exists in the gradio-app/gradio repository, affecting the gr.Datetime component. The affected version is git commit 98cbcae. The vulnerability arises from the use of a regular expression ^?:\snow\s?:-\s\d+\sdmhs??\s$ to process user input...

Gradio 资源管理错误漏洞

Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. A resource management error vulnerability exists in Gradio version 98cbcae, which stems from a regular expression used by the gr.Datetime componen...