gradio@5.4.0 vulnerabilities
Python library for easily interacting with trained machine learning models
- latest version: 5.5.0
- first published: 6 years ago
- latest version published: 4 days ago
- licenses detected: [0.9.8,)
Direct Vulnerabilities
Known vulnerabilities in the gradio package. This does not include vulnerabilities belonging to this package’s dependencies.
Vulnerability | Vulnerable Version |
---|---|
gradio is a Python library for easily interacting with trained machine learning models. Affected versions of this package are vulnerable to Directory Traversal due to the improper handling of file paths in the Note: This is only exploitable if the application uses the How to fix Directory Traversal? Upgrade | [5.0.0,5.5.0) |
gradio is a Python library for easily interacting with trained machine learning models. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to no restrictions on the URL, in the How to fix Server-side Request Forgery (SSRF)? There is no fixed version for | [0,) |
gradio is a Python library for easily interacting with trained machine learning models. Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper check of the input, when users generate Note: This vulnerability is disputed by the maintainer because the report is about a user attacking himself. How to fix Arbitrary Code Injection? There is no fixed version for | [0,) |
gradio is a Python library for easily interacting with trained machine learning models. Affected versions of this package are vulnerable to Open Redirect via the How to fix Open Redirect? There is no fixed version for | [0,) |