CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47871 – Insecure communication between the FRP client and server in Gradio
https://notcve.org/view.php?id=CVE-2024-47871
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **insecure communication** between the FRP (Fast Reverse Proxy) client and server when Gradio's `share=True` option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and read files uploaded to the Gradio server, as well as modify responses or data sent between the client and server. This impacts users who are sharing Gradio demos publicly over the internet using `share=True` without proper encryption, exposing sensitive data to potential eavesdroppers. Users are advised to upgrade to `gradio>=5` to address this issue. • https://github.com/gradio-app/gradio/security/advisories/GHSA-279j-x4gx-hfrh • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47872 – Cross-site Scripting on Gradio server via upload of HTML files, JS files, or SVG files
https://notcve.org/view.php?id=CVE-2024-47872
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **Cross-Site Scripting (XSS)** on any Gradio server that allows file uploads. Authenticated users can upload files such as HTML, JavaScript, or SVG files containing malicious scripts. When other users download or view these files, the scripts will execute in their browser, allowing attackers to perform unauthorized actions or steal sensitive information from their sessions. This impacts any Gradio server that allows file uploads, particularly those using components that process or display user-uploaded files. • https://github.com/gradio-app/gradio/security/advisories/GHSA-gvv6-33j7-884g • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47084 – CORS origin validation is not performed when the request has a cookie in Gradio
https://notcve.org/view.php?id=CVE-2024-47084
Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to **CORS origin validation**, where the Gradio server fails to validate the request origin when a cookie is present. This allows an attacker’s website to make unauthorized requests to a local Gradio server. Potentially, attackers can upload files, steal authentication tokens, and access user data if the victim visits a malicious website while logged into Gradio. This impacts users who have deployed Gradio locally and use basic authentication. • https://github.com/gradio-app/gradio/security/advisories/GHSA-3c67-5hwx-f6wx • CWE-285: Improper Authorization •
CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47164 – The `is_in_or_equal` function may be bypassed in Gradio
https://notcve.org/view.php?id=CVE-2024-47164
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of directory traversal checks** within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that manipulate file paths using `..` (parent directory) sequences. Attackers could potentially access restricted files if they are able to exploit this flaw, although the difficulty is high. This primarily impacts users relying on Gradio’s blocklist or directory access validation, particularly when handling file uploads. • https://github.com/gradio-app/gradio/security/advisories/GHSA-77xq-6g77-h274 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47165 – CORS origin validation accepts the null origin in Gradio
https://notcve.org/view.php?id=CVE-2024-47165
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **CORS origin validation accepting a null origin**. When a Gradio server is deployed locally, the `localhost_aliases` variable includes "null" as a valid origin. This allows attackers to make unauthorized requests from sandboxed iframes or other sources with a null origin, potentially leading to data theft, such as user authentication tokens or uploaded files. This impacts users running Gradio locally, especially those using basic authentication. • https://github.com/gradio-app/gradio/security/advisories/GHSA-89v2-pqfv-c5r9 • CWE-285: Improper Authorization •