Latest version: v5.9.1
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| PVE-2024-73631 | 73631 |
Affected versions of the Gradio package are vulnerable to a Race Cond… |
|
- | - |
| CVE-2024-4325 | 71888 |
A Server-Side Request Forgery (SSRF) vulnerability exists in the grad… |
|
HIGH | 8.6 |
| CVE-2024-0964 | 66708 |
A local file include could be remotely triggered in Gradio due to a v… |
|
CRITICAL | 9.4 |
| CVE-2024-4940 | 71887 |
An open redirect vulnerability exists in the gradio-app/gradio, affec… |
|
- | - |
| CVE-2024-4941 | 71658 |
A local file inclusion vulnerability exists in the JSON component of … |
|
HIGH | 7.5 |
| PVE-2024-66799 | 66799 |
Gradio version 4.22.0 addresses a race condition that impacted the sy… |
|
- | - |
| CVE-2024-34510 | 71656 |
Gradio affected versions allow credential leakage on Windows. # This… |
|
- | - |
| CVE-2024-1728 | 73493 |
Affected versions of the gradio package are vulnerable to improper fi… |
|
- | - |
| CVE-2024-1728 | 71662 |
gradio-app/gradio is vulnerable to a local file inclusion vulnerabili… |
|
- | - |
| PVE-2024-99761 | 66709 |
A local file include could be remotely triggered in Gradio due to a v… |
|
- | - |
| CVE-2024-1727 | 71655 |
A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradi… |
|
- | - |
| PVE-2024-65402 | 65402 |
Gradio version 4.19.1 introduces security enhancements to protect aga… |
|
- | - |
| CVE-2024-1729 | 71659 |
A timing attack vulnerability exists in the gradio-app/gradio reposit… |
|
- | - |
| CVE-2024-1540 | 71657 |
A command injection vulnerability exists in the deploy+test-visual.ym… |
|
- | - |
| CVE-2024-2206 | 71660 |
An SSRF vulnerability exists in the gradio-app/gradio due to insuffic… |
|
- | - |
| CVE-2023-6572 | 70406 |
Exposure of Sensitive Information to an Unauthorized Actor in GitHub … |
|
HIGH | 8.1 |
| CVE-2024-1561 | 71889 |
An issue was discovered in gradio-app/gradio, where the `/component_s… |
|
- | - |
| CVE-2024-1561 | 71654 |
An issue was discovered in gradio-app/gradio, where the `/component_s… |
|
- | - |
| CVE-2023-51449 | 63108 |
Gradio has a vulnerability in versions prior to 4.11.0, allowing file… |
|
HIGH | 7.5 |
| CVE-2024-1183 | 71661 |
An SSRF (Server-Side Request Forgery) vulnerability exists in the gra… |
|
- | - |
| PVE-2023-62973 | 62973 |
Gradio 4.10.0 includes a fix for a SSRF vulnerability on '/file=' rou… |
|
- | - |
| CVE-2023-34239 | 58902 |
Gradio 3.34.0 includes a fix for a path traversal vulnerability. htt… |
|
CRITICAL | 9.1 |
| CVE-2023-41626 | 65231 |
Gradio v3.27.0 was discovered to contain an arbitrary file upload vul… |
|
MEDIUM | 4.8 |
| CVE-2023-25823 | 53453 |
Gradio 3.19.1 includes a fix for CVE-2023-25823: When using Gradio's … |
|
CRITICAL | 9.8 |
| PVE-2022-52426 | 52426 |
Gradio 3.13.1 adds HTTPS for the share links. https://github.com/gra… |
|
- | - |
| PVE-2021-43619 | 43619 |
Gradio 2.6.0 fixes arbitrary file read vulnerabilities. https://gith… |
|
HIDDEN | X.Y |
| CVE-2022-24770 | 54509 |
`gradio` is an open source framework for building interactive machine… |
|
HIGH | 8.8 |
| CVE-2021-43831 | 54307 |
Gradio is an open source framework for building interactive machine l… |
|
HIGH | 7.7 |
| CVE-2024-39236 | 72086 |
Affected versions of Gradio contain a code injection vulnerability vi… |
|
- | - |