Gradio Security Vulnerabilities and Issues — Gradio CVE List

Lucene search

Gradio ProjectGradio

5 matches found

CVE•added 2023/02/23 10:15 p.m.•76 views

CVE-2023-25823

Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting share=True), a private SSH key is sent to any u...

9.8CVSS7.3AI score0.00091EPSS

CVE•added 2023/12/22 9:15 p.m.•76 views

CVE-2023-51449

Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of gradio prior to 4.11.0 contained a vulnerability in the /file route which made them susceptible to file traversal att...

7.5CVSS6.5AI score0.79587EPSS

CVE•added 2023/06/08 12:15 a.m.•59 views

CVE-2023-34239

Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have been addressed in vers...

9.1CVSS8.3AI score0.0021EPSS

CVE•added 2023/12/14 2:15 p.m.•42 views

CVE-2023-6572

Command Injection in GitHub repository gradio-app/gradio prior to main.

9.6CVSS8.3AI score0.01662EPSS

CVE•added 2023/09/15 11:15 p.m.•25 views

CVE-2023-41626

Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the /upload interface.

4.8CVSS5.3AI score0.00085EPSS