Lucene search
PRIOn knowledge basePRION:CVE-2023-51449HistoryDec 22, 2023 - 9:15 p.m.
Arbitrary file deletion
2023-12-2221:15:00
PRIOn knowledge base
www.prio-n.com
4
gradio
vulnerability
file deletion
patch
Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of gradio prior to 4.11.0 contained a vulnerability in the /file route which made them susceptible to file traversal attacks in which an attacker could access arbitrary files on a machine running a Gradio app with a public URL (e.g. if the demo was created with share=True, or on Hugging Face Spaces) if they knew the path of files to look for. This issue has been patched in version 4.11.0.
Related
osv
osv
CVE-2023-51449
2023-12-22 21:15:09
PYSEC-2023-249
2023-12-22 21:15:00
nvd
nvd
CVE-2023-51449
2023-12-22 21:15:09
CVE-2024-3234
2024-06-06 19:16:01
cve
cve
CVE-2023-51449
2023-12-22 21:15:09
CVE-2024-3234
2024-06-06 19:16:01
veracode
veracode
Path Traversal
2023-12-22 11:08:25
cvelist
cvelist
CVE-2023-51449 Make the `/file` secure against file traversal attacks
2023-12-22 20:58:36
CVE-2024-3234 Path Traversal in gaizhenbiao/chuanhuchatgpt
2024-06-06 18:20:45
vulnrichment
vulnrichment
CVE-2023-51449 Make the `/file` secure against file traversal attacks
2023-12-22 20:58:36
CVE-2024-3234 Path Traversal in gaizhenbiao/chuanhuchatgpt
2024-06-06 18:20:45
nuclei
nuclei
Gradio Hugging Face - Local File Inclusion
2024-06-14 17:31:53
github
github