Products
Gradio
- before 4.13
Source
cve@mitre.org
Tags
CVE-2024-34511 details
Published : May 5, 2024, 8:15 p.m.
Last Modified : May 5, 2024, 8:15 p.m.
Last Modified : May 5, 2024, 8:15 p.m.
Description
Component Server in Gradio before 4.13 does not properly consider _is_server_fn for functions.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6.5 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
CVSS Data
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
Base Score
6.5
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
References
| URL | Source |
|---|---|
| https://github.com/gradio-app/gradio/ | cve@mitre.org |
| https://www.gradio.app/changelog#4-13-0 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.