PT-2023-32700 · Gradio · Gradio
Published
2023-12-14
·
Updated
2024-02-28
·
CVE-2023-6572
CVSS v3.1
9.6
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
gradio versions prior to main
Description
The issue concerns Exposure of Sensitive Information to an Unauthorized Actor in the GitHub repository gradio-app/gradio.
Recommendations
For versions prior to main, update to the main version or later to resolve the issue.
Exploit
Fix
Command Injection
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Gradio