Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

gradio

pypi

Python library for easily interacting with trained machine learning models

View on github.com · View on pypi.org

Security Advisories for gradio in pypi

Moderate
6 months ago

Gradio Allows Unauthorized File Copy via Path Manipulation GSA_kwCzR0hTQS04anczLTZ4OGotdjk2Z84ABIf4

pypi gradio
Low
6 months ago

Gradio CORS Origin Validation Bypass Vulnerability GSA_kwCzR0hTQS13bWpoLWNwcWotNHY2eM4ABIfc

pypi gradio
High
8 months ago

Gradio DOS in multipart boundry while uploading the file GSA_kwCzR0hTQS01Y3BxLTk1Mzgtam0yas4ABFtK

pypi gradio
Moderate
8 months ago

Gradio Vulnerable to Open Redirect GSA_kwCzR0hTQS03djJ3LWg0Z2gtdzVjds4ABFuP

pypi gradio
Moderate
8 months ago

Gradio Path Traversal vulnerability GSA_kwCzR0hTQS1wcnBnLXA5NWMtMzJmds4ABFtG

pypi gradio
High
8 months ago

Gradio Vulnerable to Arbitrary File Deletion GSA_kwCzR0hTQS1wZ2Z2LWd2YzUtcHJmZ84ABFre

pypi gradio
High
8 months ago

Gradio Vulnerable to Denial of Service (DoS) via Crafted HTTP Request GSA_kwCzR0hTQS1ydmdoLXByNDYteDdnZ84ABFrG

pypi gradio
High
8 months ago

Gradio Vulnerable to Denial of Service (DoS) via Crafted Zip Bomb GSA_kwCzR0hTQS03eG1jLXZoanAtcXY1cc4ABFrC

pypi gradio
Critical
10 months ago

Gradio Blocked Path ACL Bypass Vulnerability GSA_kwCzR0hTQS1qMmpnLWZxNjItN2MzaM4ABDT6

pypi gradio
Moderate
about 1 year ago

Gradio vulnerable to arbitrary file read with File and UploadButton components GSA_kwCzR0hTQS1yaG05LWdwNXAtNTI0OM4ABBBs

pypi gradio
Moderate
about 1 year ago

gradio Server Side Request Forgery vulnerability GSA_kwCzR0hTQS0zZ2Y5LXd2NjUtZ3doOc4ABA9G

pypi gradio
Low
about 1 year ago

Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list GSA_kwCzR0hTQS0yNmpoLXI4ZzItNmZwcs4ABAMK

pypi gradio
Moderate
about 1 year ago

Gradio has an XSS on every Gradio server via upload of HTML files, JS files, or SVG files GSA_kwCzR0hTQS1ndnY2LTMzajctODg0Z84ABAMJ

pypi gradio
High
about 1 year ago

Gradio uses insecure communication between the FRP client and server GSA_kwCzR0hTQS0yNzlqLXg0Z3gtaGZyaM4ABAMI

pypi gradio
High
about 1 year ago

Gradio has a race condition in update_root_in_config may redirect user traffic GSA_kwCzR0hTQS14aDJ4LTNtcm0tZndxbc4ABAMH

pypi gradio
Moderate
about 1 year ago

Gradio performs a non-constant-time comparison when comparing hashes GSA_kwCzR0hTQS1qNzU3LXBmNTctZjhyNM4ABAMG

pypi gradio
Moderate
about 1 year ago

Gradio has several components with post-process steps allow arbitrary file leaks GSA_kwCzR0hTQS00cTNjLWNqN2ctamN3Zs4ABAMF

pypi gradio
High
about 1 year ago

Gradio lacks integrity checking on the downloaded FRP client GSA_kwCzR0hTQS04Yzg3LWd2aGoteG04bc4ABAME

pypi gradio
Low
about 1 year ago

In Gradio, the `enable_monitoring` flag set to `False` does not disable monitoring GSA_kwCzR0hTQS1obTNjLTkzcGctNGN4d84ABAMD

pypi gradio
Moderate
about 1 year ago

Gradio vulnerable to SSRF in the path parameter of /queue/join GSA_kwCzR0hTQS01NzZjLTNqNTMtcjlqas4ABAMC

pypi gradio
Moderate
about 1 year ago

Gradio has a one-level read path traversal in `/custom_component` GSA_kwCzR0hTQS0zN3FjLXFneDYtOXhqds4ABAMB

pypi gradio
Moderate
about 1 year ago

Gradio's CORS origin validation accepts the null origin GSA_kwCzR0hTQS04OXYyLXBxZnYtYzVyOc4ABAMA

pypi gradio
Moderate
about 1 year ago

Gradio's `is_in_or_equal` function may be bypassed GSA_kwCzR0hTQS03N3hxLTZnNzctaDI3NM4ABALi

pypi gradio
High
about 1 year ago

Gradios's CORS origin validation is not performed when the request has a cookie GSA_kwCzR0hTQS0zYzY3LTVod3gtZjZ3eM4ABALh

pypi gradio
Critical
about 1 year ago

Gradio allows users to access arbitrary files GSA_kwCzR0hTQS1tODQyLTRxbTgtN2dwcc4AA_yD

pypi gradio
Moderate
over 1 year ago

Open redirect in gradio GSA_kwCzR0hTQS1nNmM5LWY0eG0tOWo0eM4AA9S3

pypi gradio
High
over 1 year ago

Local file inclusion in gradio GSA_kwCzR0hTQS02djZnLWo1ZnEtaHB2d84AA8wb

pypi gradio
High
over 1 year ago

Server-Side Request Forgery in gradio GSA_kwCzR0hTQS05NzNnLTU1aHAtM2Zyd84AA8wY

pypi gradio
Moderate
over 1 year ago

Gradio applications running locally vulnerable to 3rd party websites accessing routes and uploading files GSA_kwCzR0hTQS00OGNxLTc5cXEtNmY3eM4AA8W1

pypi gradio
Moderate
over 1 year ago

Gradio's Component Server does not properly consider` _is_server_fn` for functions GSA_kwCzR0hTQS0zNHJmLXAzcjMtNTh4Ms4AA7wl

pypi gradio
High
over 1 year ago

Gradio allows credential leakage on Windows GSA_kwCzR0hTQS1ydmZoLWg2YzctZmMzY84AA7wn

pypi gradio
High
over 1 year ago

gradio vulnerable to Path Traversal GSA_kwCzR0hTQS1nOWNqLWNmcHAtNGcyeM4AA7B5

pypi gradio
Moderate
over 1 year ago

gradio Server-Side Request Forgery vulnerability GSA_kwCzR0hTQS1xaDZ4LWo4MmgtdnBmOc4AA7CK

pypi gradio
High
over 1 year ago

Gradio Local File Inclusion vulnerability GSA_kwCzR0hTQS0zZjk1LW14cTItMmY2M84AA64H

pypi gradio
High
over 1 year ago

gradio Server-Side Request Forgery vulnerability GSA_kwCzR0hTQS1yMzY0LW0yajktbWY0aM4AA6Un

pypi gradio
Moderate
over 1 year ago

Gradio apps vulnerable to timing attacks to guess password GSA_kwCzR0hTQS1obXg2LXI3NmMtODVnOc4AA5du

pypi gradio
High
almost 2 years ago

Gradio Path Traversal vulnerability GSA_kwCzR0hTQS1mM2g5LThwaGMtNmd2aM4AA5F4

pypi gradio
High
almost 2 years ago

Gradio makes the `/file` secure against file traversal and server-side request forgery attacks GSA_kwCzR0hTQS02cW0yLXdweHEtN3FoMs4AA39-

pypi gradio
Critical
almost 2 years ago

Gradio Exposure of Sensitive Information to an Unauthorized Actor vulnerability GSA_kwCzR0hTQS1ncXZmLTNoZ3AtNWh4ds4AA3xA

pypi gradio
Moderate
about 2 years ago

Gradio arbitrary file upload vulnerability GSA_kwCzR0hTQS12NHE5LXFncWYtN2p3cM4AA15s

pypi gradio
Moderate
over 2 years ago

Gradio vulnerable to arbitrary file read and proxying of arbitrary URLs GSA_kwCzR0hTQS0zcXFnLXBncXEtMzY5Nc4AAzxc

pypi gradio
Moderate
over 2 years ago

Update share links to use FRP instead of SSH tunneling GSA_kwCzR0hTQS0zeDVqLTl2d3ItOHJyNc4AAxyq

pypi gradio
High
over 3 years ago

Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging GSA_kwCzR0hTQS1mOHhxLXE3cHgtd2c4Y800Kw

pypi gradio
Critical
almost 4 years ago

Files on the host computer can be accessed from the Gradio interface GSA_kwCzR0hTQS1yaHEyLTN2cjktNm1jcs0kJA

pypi gradio

Filter by Severity

Moderate 20 High 17 Critical 4 Low 3