7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.1%
gradio is vulnerable to Path Traversal. The vulnerability is caused due to the lack of proper validation of user-controlled input when invoking methods on a Component class. This issue may lead to unauthorized access to sensitive files on the host machine, potentially exposing confidential data stored within those files.
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.1%