Last active
September 15, 2023 12:36
-
-
Save impose1/590472eb0544ef1ec36c8a5a40122adb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2023-41626 | |
[PRODUCT] | |
Gradio | |
[VERSION] | |
3.27.0 | |
[PROBLEM TYPE] | |
Incorrect Access Control | |
[DESCRIPTION] | |
Gradio v3.27.0 was discovered to contain an arbitrary file upload,Uploading files to the/tmp directory may result in malicious access to website permissions if there are file containing vulnerabilities in other sites on the server. | |
[Reference] | |
http://gradio.app |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment