Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

Gradio

pypi · Python library for easily interacting with trained machine learning models · Repository · Package

Security Advisories for Gradio in pypi

Moderate
4 months ago

Gradio Allows Unauthorized File Copy via Path Manipulation GSA_kwCzR0hTQS04anczLTZ4OGotdjk2Z84ABIf4

pypi gradio
Low
4 months ago

Gradio CORS Origin Validation Bypass Vulnerability GSA_kwCzR0hTQS13bWpoLWNwcWotNHY2eM4ABIfc

pypi gradio
High
7 months ago

Gradio DOS in multipart boundry while uploading the file GSA_kwCzR0hTQS01Y3BxLTk1Mzgtam0yas4ABFtK

pypi gradio
Moderate
7 months ago

Gradio Vulnerable to Open Redirect GSA_kwCzR0hTQS03djJ3LWg0Z2gtdzVjds4ABFuP

pypi gradio
Moderate
7 months ago

Gradio Path Traversal vulnerability GSA_kwCzR0hTQS1wcnBnLXA5NWMtMzJmds4ABFtG

pypi gradio
High
7 months ago

Gradio Vulnerable to Denial of Service (DoS) via Crafted HTTP Request GSA_kwCzR0hTQS1ydmdoLXByNDYteDdnZ84ABFrG

pypi gradio
High
7 months ago

Gradio Vulnerable to Arbitrary File Deletion GSA_kwCzR0hTQS1wZ2Z2LWd2YzUtcHJmZ84ABFre

pypi gradio
High
7 months ago

Gradio Vulnerable to Denial of Service (DoS) via Crafted Zip Bomb GSA_kwCzR0hTQS03eG1jLXZoanAtcXY1cc4ABFrC

pypi gradio
Critical
9 months ago

Gradio Blocked Path ACL Bypass Vulnerability GSA_kwCzR0hTQS1qMmpnLWZxNjItN2MzaM4ABDT6

pypi gradio
Moderate
11 months ago

Gradio vulnerable to arbitrary file read with File and UploadButton components GSA_kwCzR0hTQS1yaG05LWdwNXAtNTI0OM4ABBBs

pypi gradio
Moderate
11 months ago

gradio Server Side Request Forgery vulnerability GSA_kwCzR0hTQS0zZ2Y5LXd2NjUtZ3doOc4ABA9G

pypi gradio
Low
12 months ago

Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list GSA_kwCzR0hTQS0yNmpoLXI4ZzItNmZwcs4ABAMK

pypi gradio
Moderate
12 months ago

Gradio has an XSS on every Gradio server via upload of HTML files, JS files, or SVG files GSA_kwCzR0hTQS1ndnY2LTMzajctODg0Z84ABAMJ

pypi gradio
High
12 months ago

Gradio uses insecure communication between the FRP client and server GSA_kwCzR0hTQS0yNzlqLXg0Z3gtaGZyaM4ABAMI

pypi gradio
High
12 months ago

Gradio has a race condition in update_root_in_config may redirect user traffic GSA_kwCzR0hTQS14aDJ4LTNtcm0tZndxbc4ABAMH

pypi gradio
Moderate
12 months ago

Gradio performs a non-constant-time comparison when comparing hashes GSA_kwCzR0hTQS1qNzU3LXBmNTctZjhyNM4ABAMG

pypi gradio
Moderate
12 months ago

Gradio has several components with post-process steps allow arbitrary file leaks GSA_kwCzR0hTQS00cTNjLWNqN2ctamN3Zs4ABAMF

pypi gradio
High
12 months ago

Gradio lacks integrity checking on the downloaded FRP client GSA_kwCzR0hTQS04Yzg3LWd2aGoteG04bc4ABAME

pypi gradio
Low
12 months ago

In Gradio, the `enable_monitoring` flag set to `False` does not disable monitoring GSA_kwCzR0hTQS1obTNjLTkzcGctNGN4d84ABAMD

pypi gradio
Moderate
12 months ago

Gradio vulnerable to SSRF in the path parameter of /queue/join GSA_kwCzR0hTQS01NzZjLTNqNTMtcjlqas4ABAMC

pypi gradio
Moderate
12 months ago

Gradio has a one-level read path traversal in `/custom_component` GSA_kwCzR0hTQS0zN3FjLXFneDYtOXhqds4ABAMB

pypi gradio
Moderate
12 months ago

Gradio's CORS origin validation accepts the null origin GSA_kwCzR0hTQS04OXYyLXBxZnYtYzVyOc4ABAMA

pypi gradio
Moderate
12 months ago

Gradio's `is_in_or_equal` function may be bypassed GSA_kwCzR0hTQS03N3hxLTZnNzctaDI3NM4ABALi

pypi gradio
High
12 months ago

Gradios's CORS origin validation is not performed when the request has a cookie GSA_kwCzR0hTQS0zYzY3LTVod3gtZjZ3eM4ABALh

pypi gradio
Critical
about 1 year ago

Gradio allows users to access arbitrary files GSA_kwCzR0hTQS1tODQyLTRxbTgtN2dwcc4AA_yD

pypi gradio
Critical
over 1 year ago

Gradio was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py GSA_kwCzR0hTQS05djJmLTZ2Y2ctM2hnds4AA9cz

pypi Gradio
Moderate
over 1 year ago

Open redirect in gradio GSA_kwCzR0hTQS1nNmM5LWY0eG0tOWo0eM4AA9S3

pypi gradio
High
over 1 year ago

Local file inclusion in gradio GSA_kwCzR0hTQS02djZnLWo1ZnEtaHB2d84AA8wb

pypi gradio
High
over 1 year ago

Server-Side Request Forgery in gradio GSA_kwCzR0hTQS05NzNnLTU1aHAtM2Zyd84AA8wY

pypi gradio
Moderate
over 1 year ago

Gradio applications running locally vulnerable to 3rd party websites accessing routes and uploading files GSA_kwCzR0hTQS00OGNxLTc5cXEtNmY3eM4AA8W1

pypi gradio
High
over 1 year ago

Gradio allows credential leakage on Windows GSA_kwCzR0hTQS1ydmZoLWg2YzctZmMzY84AA7wn

pypi gradio
Moderate
over 1 year ago

Gradio's Component Server does not properly consider` _is_server_fn` for functions GSA_kwCzR0hTQS0zNHJmLXAzcjMtNTh4Ms4AA7wl

pypi gradio
High
over 1 year ago

gradio vulnerable to Path Traversal GSA_kwCzR0hTQS1nOWNqLWNmcHAtNGcyeM4AA7B5

pypi gradio
Moderate
over 1 year ago

gradio Server-Side Request Forgery vulnerability GSA_kwCzR0hTQS1xaDZ4LWo4MmgtdnBmOc4AA7CK

pypi gradio
High
over 1 year ago

Gradio Local File Inclusion vulnerability GSA_kwCzR0hTQS0zZjk1LW14cTItMmY2M84AA64H

pypi gradio
High
over 1 year ago

gradio Server-Side Request Forgery vulnerability GSA_kwCzR0hTQS1yMzY0LW0yajktbWY0aM4AA6Un

pypi gradio
Moderate
over 1 year ago

Gradio apps vulnerable to timing attacks to guess password GSA_kwCzR0hTQS1obXg2LXI3NmMtODVnOc4AA5du

pypi gradio
High
over 1 year ago

Gradio Path Traversal vulnerability GSA_kwCzR0hTQS1mM2g5LThwaGMtNmd2aM4AA5F4

pypi gradio
High
almost 2 years ago

Gradio makes the `/file` secure against file traversal and server-side request forgery attacks GSA_kwCzR0hTQS02cW0yLXdweHEtN3FoMs4AA39-

pypi gradio
Critical
almost 2 years ago

Gradio Exposure of Sensitive Information to an Unauthorized Actor vulnerability GSA_kwCzR0hTQS1ncXZmLTNoZ3AtNWh4ds4AA3xA

pypi gradio
Moderate
about 2 years ago

Gradio arbitrary file upload vulnerability GSA_kwCzR0hTQS12NHE5LXFncWYtN2p3cM4AA15s

pypi gradio
Moderate
over 2 years ago

Gradio vulnerable to arbitrary file read and proxying of arbitrary URLs GSA_kwCzR0hTQS0zcXFnLXBncXEtMzY5Nc4AAzxc

pypi gradio
Moderate
over 2 years ago

Update share links to use FRP instead of SSH tunneling GSA_kwCzR0hTQS0zeDVqLTl2d3ItOHJyNc4AAxyq

pypi gradio
High
over 3 years ago

Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging GSA_kwCzR0hTQS1mOHhxLXE3cHgtd2c4Y800Kw

pypi gradio
Critical
over 3 years ago

Files on the host computer can be accessed from the Gradio interface GSA_kwCzR0hTQS1yaHEyLTN2cjktNm1jcs0kJA

pypi gradio

Filter by Severity

Moderate 20 High 17 Critical 5 Low 3