Browse Security Advisories
Moderate Security Advisories for gradio Clear Filters
Moderate
9 months ago
Gradio vulnerable to arbitrary file read with File and UploadButton components
pypi
gradio
Moderate
10 months ago
Gradio has an XSS on every Gradio server via upload of HTML files, JS files, or SVG files
pypi
gradio
Moderate
10 months ago
Gradio performs a non-constant-time comparison when comparing hashes
pypi
gradio
Moderate
10 months ago
Gradio has several components with post-process steps allow arbitrary file leaks
pypi
gradio
Moderate
10 months ago
Gradio has a one-level read path traversal in `/custom_component`
pypi
gradio
Moderate
about 1 year ago
Gradio applications running locally vulnerable to 3rd party websites accessing routes and uploading files
pypi
gradio
Moderate
about 1 year ago
Gradio's Component Server does not properly consider` _is_server_fn` for functions
pypi
gradio
Moderate
about 2 years ago
Gradio vulnerable to arbitrary file read and proxying of arbitrary URLs
pypi
gradio
Filter by Severity
Filter by Ecosystem
maven
3,135
packagist
3,007
pypi
2,022
npm
1,354
go
1,272
nuget
659
rubygems
437
cargo
411
hex
16
swift
13
actions
7
pub
3
Filter by Package
moodle/moodle
307
tensorflow
200
tensorflow-cpu
198
tensorflow-gpu
197
magento/community-edition
167
org.jenkins-ci.main:jenkins-core
145
typo3/cms
129
org.apache.tomcat:tomcat
96
pimcore/pimcore
87
github.com/mattermost/mattermost/server/v8
76
typo3/cms-core
74
com.liferay.portal:release.portal.bom
73
microweber/microweber
69
silverstripe/framework
68
com.liferay.portal:release.dxp.bom
68
phpmyadmin/phpmyadmin
56
dolibarr/dolibarr
55
drupal/core
54
magento/project-community-edition
51
github.com/usememos/memos
47
thorsten/phpmyfaq
47
actionpack
45
concrete5/concrete5
45
Django
44
apache-airflow
43
drupal/drupal
42
librenms/librenms
42
apache-superset
41
Plone
36
showdoc/showdoc
34
symfony/symfony
33
mantisbt/mantisbt
33
org.elasticsearch:elasticsearch
33
org.keycloak:keycloak-core
32
github.com/grafana/grafana
31
github.com/mattermost/mattermost-server/v6
30
plone
29
nova
29
craftcms/cms
29
moin
27
intelliants/subrion
26
baserproject/basercms
26
ansible
25
snipe/snipe-it
25
mautic/core
24
k8s.io/kubernetes
24
directus
23
shopware/platform
22
django
21
github.com/mattermost/mattermost-server
21
nilsteampassnet/teampass
21
github.com/answerdev/answer
21
gradio
20
org.keycloak:keycloak-services
20
mediawiki/core
20
froxlor/froxlor
20
org.apache.struts:struts2-core
20
grumpydictator/firefly-iii
20
matrix-synapse
19
shopware/shopware
19
github.com/cilium/cilium
19
org.apache.tomcat.embed:tomcat-embed-core
19
remdex/livehelperchat
18
github.com/docker/docker
18
zendframework/zendframework1
17
salt
17
getkirby/cms
17
shopware/core
17
rdiffweb
16
github.com/argoproj/argo-cd/v2
16
github.com/hashicorp/vault
16
io.undertow:undertow-core
15
yetiforce/yetiforce-crm
15
github.com/hashicorp/nomad
15
vyper
15
org.opencms:opencms-core
15
prestashop/prestashop
15
rack
15
DotNetNuke.Core
14
github.com/hashicorp/consul
14
org.xwiki.platform:xwiki-platform-oldcore
14
glance
14
tinymce
14
puppet
14
contao/core-bundle
13
org.springframework.security:spring-security-core
13
org.apache.jspwiki:jspwiki-main
13
com.thoughtworks.xstream:xstream
13
tribalsystems/zenario
13
keystone
13
forkcms/forkcms
13
com.jfinal:jfinal
13
nokogiri
13
github.com/goharbor/harbor
13
org.bouncycastle:bcprov-jdk14
12
wallabag/wallabag
12
github.com/openfga/openfga
12
github.com/argoproj/argo-cd
12
roundup
12
simplesamlphp/simplesamlphp
12
@openzeppelin/contracts
11
ec-cube/ec-cube
11
ckeditor4
11
lavalite/cms
11
TinyMCE
11
org.apache.tomcat:tomcat-coyote
11
bootstrap
11
@openzeppelin/contracts-upgradeable
11
org.eclipse.jetty:jetty-server
11
github.com/traefik/traefik/v2
11
laravel/framework
11
feehi/feehicms
11
phpoffice/phpexcel
11
github.com/containerd/containerd
11
getgrav/grav
11
tinymce/tinymce
11
activesupport
11
genix/cms
11
github.com/ethereum/go-ethereum
11
opencart/opencart
10
org.keycloak:keycloak-parent
10
francoisjacquet/rosariosis
10
org.apache.nifi:nifi
10
github.com/greenpau/caddy-security
10
typo3/cms-backend
10
aiohttp
10
fat_free_crm
10
com.vaadin:vaadin-bom
10
vite
10
OctoPrint
10
org.springframework:spring-core
10
joplin
10
notebook
10
helm.sh/helm/v3
10
phpoffice/phpspreadsheet
10
silverstripe/cms
10
surrealdb
10
bolt/bolt
10
PaddlePaddle
10
org.apache.jspwiki:jspwiki-war
10
zendframework/zendframework
10
ghost
10
vllm
10
bootstrap
10
gogs.io/gogs
10
org.apache.solr:solr-core
10
org.opencrx:opencrx-core-models
9
org.igniterealtime.openfire:parent
9
code.gitea.io/gitea
9
publify_core
9
angular
9
electron
9
next
9
open-webui
9
sylius/sylius
9
twbs/bootstrap
9
swagger-ui
9
calibreweb
9
horizon
9
org.apache.activemq:activemq-client
9
org.bouncycastle:bcprov-jdk15on
9
rubygems-update
9
pimcore/admin-ui-classic-bundle
9
pyftpdlib
9
org.webjars:bootstrap
9
cakephp/cakephp
9
org.jenkins-ci.plugins:git
9
wasmtime
9
org.jenkins-ci.plugins:script-security
9
bootstrap
9
urllib3
9
org.mortbay.jetty:jetty
9
contao/contao
8
onionshare-cli
8
neutron
8
parse-server
8
modoboa
8
mlflow
8
github.com/kubeedge/kubeedge
8
org.jenkins-ci.plugins:subversion
8
centreon/centreon
8
sulu/sulu
8
rails-html-sanitizer
8
rails
8
org.apache.ranger:ranger
8
github.com/moby/moby
8
jquery-rails
8
bootstrap.sass
8
org.apache.archiva:archiva
8
camaleon_cms
8
actionview
8
github.com/traefik/traefik/v3
8
transformers
8
github.com/rancher/rancher
8
phpmyfaq/phpmyfaq
8
phpbb/phpbb
8
impresscms/impresscms
8
org.jenkins-ci.plugins:electricflow
8
Microsoft.ChakraCore
8
org.bouncycastle:bcprov-jdk15to18
8