Safety vulnerability ID: 73493
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of the gradio package are vulnerable to improper file handling. The vulnerability could allow unauthorized access to files that were not properly uploaded, leading to potential data exposure or manipulation. The vulnerable functions include file processing methods that did not verify file locations. Exploitability depends on the ability to manipulate file paths or access non-uploaded files. The patch adds checks that ensure files are in the designated upload folder before they are processed. The vulnerability is specific to environments where file uploads are handled. The issue is tracked under CWE-552: Files or Directories Accessible to External Parties.
Latest version: 5.9.1
Python library for easily interacting with trained machine learning models
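The kind of location check the advisory describes, shown as an added example that is not gradio's patch code and not part of the original page: a string-prefix test beside a check on resolved paths. The function names, directory names and sample paths are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def naive_check(candidate: str, upload_dir: str) -> bool:
    """Weak form: string prefix test on a path that was never resolved."""
    return os.path.join(upload_dir, candidate).startswith(upload_dir)


def is_in_upload_dir(candidate: str, upload_dir: str) -> bool:
    """Hardened form: compare resolved locations, component by component."""
    root = Path(upload_dir).resolve()
    # resolve() collapses ".." and follows symlinks, so the decision is made
    # on where the file really is, not on the string that was supplied.
    target = (root / candidate).resolve()
    # Membership in .parents matches whole path components, so a sibling
    # directory sharing the prefix ("uploads_old") is not treated as a child.
    return root in target.parents


def demo() -> dict:
    """Run both checks over constructed sample paths in a scratch directory."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        uploads = Path(tmp, "uploads")
        sibling = Path(tmp, "uploads_old")
        uploads.mkdir()
        sibling.mkdir()
        (uploads / "report.csv").write_text("uploaded")
        (sibling / "private.txt").write_text("never uploaded")
        os.symlink(sibling / "private.txt", uploads / "link.txt")
        samples = {  # constructed inputs, one per way a path can leave the folder
            "uploaded file": "report.csv",
            "parent traversal": "../uploads_old/private.txt",
            "absolute path": str(sibling / "private.txt"),
            "symlink escape": "link.txt",
        }
        for label, path in samples.items():
            results[label] = (naive_check(path, str(uploads)),
                              is_in_upload_dir(path, str(uploads)))
    return results


if __name__ == "__main__":
    for label, (naive, hardened) in demo().items():
        print(f"{label:18} naive={naive!s:5} hardened={hardened}")
```

The resolved-path check still leaves a window between the check and the later open; opening the file once and operating on that handle closes it.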