EUVD-2024-0074

Malicious code in bioql PyPI...

CVE-2024-47871 Insecure communication between the FRP client and server in Gradio

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP Fast Reverse Proxy client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and rea...

Missing Encryption of Sensitive Data

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to insecure communication between the FRP client and server, when the share option is set to true. An attack...

Gradio uses insecure communication between the FRP client and server

Impact What kind of vulnerability is it? Who is impacted? This vulnerability involves insecure communication between the FRP Fast Reverse Proxy client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and read files upload...

PT-2024-32863 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 5 Description: This issue involves insecure communication between the FRP client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and read...

Nextcloud: Email ID Disclosure.

Hey There When A User Share Link With EMAIL TO A PERSON Option. Screenshot Reveals User's Email Address. Steps To Repro: 1 Type Any Username Their that Exists. Screenshot 2 You Will See Email Disclosed. Thanks :...