mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
797 B
797 B
CVE-2024-39236
Description
** DISPUTED ** Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes this because the report is about a user attacking himself.
POC
Reference
- https://github.com/Aaron911/PoC/blob/main/Gradio.md
- https://github.com/advisories/GHSA-9v2f-6vcg-3hgv
Github
No PoCs found on GitHub currently.