gradio@4.20.1 vulnerabilities

Python library for easily interacting with trained machine learning models

Direct Vulnerabilities

Known vulnerabilities in the gradio package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • Race Condition (severity: Medium)

Affected versions of this package are vulnerable to a Race Condition that affects the synchronization between state and loading status updates. An attacker could exploit this vulnerability to disrupt service and cause a denial of service.

How to fix Race Condition?

Upgrade gradio to version 4.22.0 or higher.

Vulnerable versions: [,4.22.0)
  • Unrestricted Upload of File with Dangerous Type (severity: High)

Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type via the /tmp directory. An attacker can upload arbitrary files, potentially leading to unauthorized access or execution of malicious code.

How to fix Unrestricted Upload of File with Dangerous Type?

There is no fixed version for gradio.

Vulnerable versions: [0,)