PYSEC-2024-261

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/gradio/PYSEC-2024-261.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2024-261
Aliases
Published
2024-02-05T23:15:08.190Z
Modified
2026-05-19T05:26:17.245463873Z
Severity
  • 9.4 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L CVSS Calculator
Summary
[none]
Details

A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request.

References

Affected packages

PyPI / gradio

Package

Name
gradio
View open source insights on deps.dev
Purl
pkg:pypi/gradio

Affected ranges

Database specific

source 
"https://github.com/pypa/advisory-database/blob/main/vulns/gradio/PYSEC-2024-261.yaml"