@impose1
Last active September 15, 2023 12:36
[CVE ID]
CVE-2023-41626
[PRODUCT]
Gradio
[VERSION]
3.27.0
[PROBLEM TYPE]
Incorrect Access Control
[DESCRIPTION]
Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability. Uploading files to the /tmp directory may result in malicious access to website permissions if other sites on the server contain file inclusion vulnerabilities.
[Reference]
http://gradio.app