CVE-2024-39236 | Gradio 4.36.1 component_meta.py code injection

Posted by Angelo Barbosa | Jul 1, 2024 | CVE

A vulnerability was found in Gradio 4.36.1. It has been declared as critical. This vulnerability affects unknown code of the file /gradio/component_meta.py. The manipulation leads to code injection.

This vulnerability was named CVE-2024-39236. The attack can only be done within the local network. Furthermore, there is an exploit available.

CVE-2024-39236 | Gradio 4.36.1 component_meta.py code injection

Related Posts

CVE-2024-24328 | Totolink A3300R 17.0.0cu.557_B20221024 setMacFilterRules enable command injection

CVE-2024-22248 | Vmware SD-WAN Orchestrator 5.0.0 redirect (VMSA-2024-0008)

CVE-2023-40548 | rhboot shim on 32-bit verify_sbat_section heap-based overflow

CVE-2024-0870 | YITH WooCommerce Gift Cards Plugin up to 4.12.0 on WordPress Setting authorization