MEDIUM 4.8
GHSA-v4q9-qgqf-7jwp
Gradio arbitrary file upload vulnerability
Details
Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the `/upload` interface.
Affected packages
PyPI / gradio
Introduced in: 0
No fixed version published yet for gradio (pip). Pin to a known-safe version or switch to an alternative.