CVE-2024-51751
CVE-2024-51751
Título es
CVE-2024-51751
Mié, 06/11/2024 – 20:15
Tipo
CWE-22
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-51751
Descripción en
Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of Gradio application to preview file content, an attacker with access to the application might abuse these components to read arbitrary files from the application server. This issue has been addressed in release version 5.5.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
06/11/2024
06/11/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
6.50
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Enviar en el boletín
Off
