CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51751 – Arbitrary file read with File and UploadButton components in Gradio
https://notcve.org/view.php?id=CVE-2024-51751
Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of Gradio application to preview file content, an attacker with access to the application might abuse these components to read arbitrary files from the application server. This issue has been addressed in release version 5.5.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/gradio-app/gradio/security/advisories/GHSA-rhm9-gp5p-5248 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47867 – Lack of integrity check on the downloaded FRP client in Gradio
https://notcve.org/view.php?id=CVE-2024-47867
Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity check** on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from which the FRP client is downloaded, they could modify the binary without detection, as the Gradio server does not verify the file's checksum or signature. Any users utilizing the Gradio server's sharing mechanism that downloads the FRP client could be affected by this vulnerability, especially those relying on the executable binary for secure data tunneling. There is no direct workaround for this issue without upgrading. • https://github.com/gradio-app/gradio/security/advisories/GHSA-8c87-gvhj-xm8m • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47868 – Several components’ post-process steps may allow arbitrary file leaks in Gradio
https://notcve.org/view.php?id=CVE-2024-47868
Gradio is an open-source Python package designed for quick prototyping. This is a **data validation vulnerability** affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected input constraints. This issue could lead to sensitive files being exposed to unauthorized users, especially when combined with other vulnerabilities, such as issue TOB-GRADIO-15. The components most at risk are those that return or handle file data. • https://github.com/gradio-app/gradio/security/advisories/GHSA-4q3c-cj7g-jcwf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47869 – Non-constant-time comparison when comparing hashes in Gradio
https://notcve.org/view.php?id=CVE-2024-47869
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **timing attack** in the way Gradio compares hashes for the `analytics_dashboard` function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response time of different requests to infer the correct hash byte-by-byte. This can lead to unauthorized access to the analytics dashboard, especially if the attacker can repeatedly query the system with different keys. Users are advised to upgrade to `gradio>4.44` to mitigate this issue. • https://github.com/gradio-app/gradio/security/advisories/GHSA-j757-pf57-f8r4 • CWE-203: Observable Discrepancy •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47870 – Race condition in update_root_in_config may redirect user traffic in Gradio
https://notcve.org/view.php?id=CVE-2024-47870
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **race condition** in the `update_root_in_config` function, allowing an attacker to modify the `root` URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect user traffic to a malicious server. This could lead to the interception of sensitive data such as authentication credentials or uploaded files. This impacts all users who connect to a Gradio server, especially those exposed to the internet, where malicious actors could exploit this race condition. • https://github.com/gradio-app/gradio/security/advisories/GHSA-xh2x-3mrm-fwqm • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •