Lucene search
GoogleOSV:CVE-2021-43831HistoryDec 15, 2021 - 8:15 p.m.
CVE-2021-43831
2021-12-1520:15:08
Google
osv.dev
3
gradio
open source
vulnerability
file access
patch
Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio link can access any files on the host computer if they know the file names or file paths. This is limited only by the host operating system. Paths are opened in read only mode. The problem has been patched in gradio 2.5.0.
Related
nuclei
nuclei
Gradio < 2.5.0 - Arbitrary File Read
2024-06-15 12:43:59
veracode
veracode
Path Traversal
2021-12-16 04:58:38
github
github
Files on the host computer can be accessed from the Gradio interface
2022-01-21 23:43:33
osv
osv
Files on the host computer can be accessed from the Gradio interface
2022-01-21 23:43:33
PYSEC-2021-873
2021-12-15 20:15:00
cvelist
cvelist
cve
cve
CVE-2021-43831
2021-12-15 20:15:08
prion
prion
Design/Logic Flaw
2021-12-15 20:15:00
cnvd
cnvd
Gradio path traversal vulnerability
2021-12-17 00:00:00
nvd
nvd
CVE-2021-43831
2021-12-15 20:15:08