Filters

pip/gradioCross-site Scripting on Gradio server via upload of HTML files, JS files, or SVG files

First published (updated )

pip/gradioInsecure communication between the FRP client and server in Gradio

First published (updated )

pip/gradioRace condition in update_root_in_config may redirect user traffic in Gradio

8.1
First published (updated )

pip/gradioNon-constant-time comparison when comparing hashes in Gradio

3.7
First published (updated )

pip/gradioSeveral components’ post-process steps may allow arbitrary file leaks in Gradio

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

pip/gradioSSRF in the path parameter of /queue/join in Gradio

First published (updated )

pip/gradioThe `enable_monitoring` flag set to `False` does not disable monitoring in Gradio

First published (updated )

pip/gradioOne-level read path traversal in `/custom_component` in Gradio

First published (updated )

pip/gradioCORS origin validation accepts the null origin in Gradio

First published (updated )

pip/gradioThe `is_in_or_equal` function may be bypassed in Gradio

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

pip/gradioCORS origin validation is not performed when the request has a cookie in Gradio

8.8
First published (updated )

pip/gradioServer-Side Request Forgery (SSRF) in gradio-app/gradio

8.6
EPSS
0.04%
First published (updated )

pip/gradioLocal File Inclusion in JSON component in gradio-app/gradio

7.5
EPSS
0.04%
First published (updated )

pip/gradioLFI in Gradio

First published (updated )

pip/gradioMake the `/file` secure against file traversal attacks

8.6
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gradio Project GradioCommand Injection in gradio-app/gradio

EPSS
0.05%
First published (updated )

Gradio Project GradioMalicious File Upload

First published (updated )

Gradio Project GradioInput Validation

First published (updated )

Gradio Project GradioGradio contains Use of Hard-coded Credentials

First published (updated )

Gradio Project GradioImproper Neutralization of Formula Elements in a CSV File in Gradio Flagging

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gradio Project GradioFiles on the host computer can be accessed from the Gradio interface

8.3
First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203