CVE-2024-10569

A vulnerability in the dataframe component of gradio-app/gradio version git 98cbcae allows for a zip bomb attack. The component uses pd.readcsv to process input values, which can accept compressed files. An attacker can exploit this by uploading a maliciously crafted zip bomb, leading to a server...

Gradio 安全漏洞

Gradio is an open source Python library from Gradio Open Source, a method for demonstrating machine learning models through a friendly web interface. A security vulnerability exists in Gradio version 98cbcae, which stems from a path traversal vulnerability in the Gradio Audio component, which...

Gradio 安全漏洞

Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. A security vulnerability exists in version 98cbcae of Gradio, which stems from the improper handling of compressed files by the dataframe componen...

Gradio 资源管理错误漏洞

Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. A resource management error vulnerability exists in Gradio version 98cbcae, which stems from a regular expression used by the gr.Datetime componen...