VYPR

PyPI package

gradio

pkg:pypi/gradio

Vulnerabilities (46)

  • CVE-2023-6572HigDec 14, 2023
    affected < 4.14.0fixed 4.14.0

    Command Injection in GitHub repository gradio-app/gradio prior to main.

  • CVE-2023-41626MedSep 15, 2023
    affected <= 3.27.0

    Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the /upload interface.

  • CVE-2023-34239HigJun 8, 2023
    affected < 3.34.0fixed 3.34.0

    Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have bee

  • CVE-2023-25823MedFeb 23, 2023
    affected < 3.13.1fixed 3.13.1

    Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private SSH

  • CVE-2022-24770HigMar 17, 2022
    affected < 2.8.11fixed 2.8.11

    `gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output da

  • CVE-2021-43831HigDec 15, 2021
    affected < 2.5.0fixed 2.5.0

    Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio l

Page 3 of 3