EPSS percentile: 61.7%
gradio is vulnerable to code injection. The vulnerability exists in the flag and open functions in flagging.py and is due to a lack of sanitization of flagging inputs, which allows an attacker to send and execute arbitrary code.
github.com/gradio-app/gradio/commit/80fea89117358ee105973453fdc402398ae20239
github.com/gradio-app/gradio/pull/817
github.com/gradio-app/gradio/security/advisories/GHSA-f8xq-q7px-wg8c