Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:58 a.m.9 views

CVE-2023-6572

Command Injection in GitHub repository gradio-app/gradio prior to main...

9.6CVSS7.2AI score0.0171EPSS
Exploits1
Cvelist
Cvelist
added 2024/06/06 5:55 p.m.44 views

CVE-2024-4941 Local File Inclusion in JSON component in gradio-app/gradio

A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the postprocess function within gradio/components/jsoncomponent.py, where a user-controlled string is parsed as JSON. If the parsed JSON...

7.5CVSS0.0083EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/29 4:35 a.m.27 views

CVE-2024-1729 Timing Attack Vulnerability in gradio-app/gradio

A timing attack vulnerability exists in the gradio-app/gradio repository, specifically within the login function in routes.py. The vulnerability arises from the use of a direct comparison operation app.authusername == password to validate user credentials, which can be exploited to guess password...

5.9CVSS6AI score0.00497EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/21 7:57 p.m.42 views

CVE-2024-1727 CSRF Vulnerability in gradio-app/gradio

A Cross-Site Request Forgery CSRF vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an attacker can deplete...

4.3CVSS4.9AI score0.00352EPSS
Exploits1References2
OSV
OSV
added 2023/12/14 2:15 p.m.35 views

PYSEC-2023-255

Command Injection in GitHub repository gradio-app/gradio prior to main...

8.1CVSS7.5AI score0.0171EPSS
Exploits1References6
Rows per page
Query Builder