@impose1
Last active September 15, 2023 12:36
[CVE ID]
CVE-2023-41626
[PRODUCT]
Gradio
[VERSION]
3.27.0
[PROBLEM TYPE]
Incorrect Access Control
[DESCRIPTION]
Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability. Uploading files to the /tmp directory may allow malicious access to website permissions if other sites on the server contain file inclusion vulnerabilities.
[Reference]
http://gradio.app