Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Veracode
Veracodeadded 2024/10/18 7:35 a.m.7 views

Race Condition

Gradio is vulnerable to a Race Condition. The vulnerability is due to improper handling of the updaterootinconfig function, allowing an attacker to modify the root URL and redirect traffic to a malicious server...

8.1CVSS6.6AI score0.00192EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2024/10/10 11:15 p.m.10 views

CVE-2024-47870

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...

8.1CVSS0.00192EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/10/10 10:15 p.m.15 views

CVE-2024-47870 Race condition in update_root_in_config may redirect user traffic in Gradio

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...

7.1CVSS6.4AI score0.00192EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/10/10 10:15 p.m.15 views

CVE-2024-47870 Race condition in update_root_in_config may redirect user traffic in Gradio

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...

7.1CVSS0.00192EPSS
Exploits0References1
CVE
CVEadded 2024/10/10 10:15 p.m.55 views

CVE-2024-47870

CVE-2024-47870 is a race condition in Gradio’s update_root_in_config function that lets an attacker modify the frontend-backend root URL, enabling redirection of user traffic to a malicious server. This can lead to interception of sensitive data (e.g., credentials, uploaded files) for users conne...

8.1CVSS8AI score0.00192EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2024/10/10 10:4 p.m.6 views

GHSA-XH2X-3MRM-FWQM Gradio has a race condition in update_root_in_config may redirect user traffic

Impact What kind of vulnerability is it? Who is impacted? This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect use...

8.8CVSS8AI score0.00192EPSS
Exploits0References4
Rows per page
Query Builder