Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CSRF Vulnerability in gradio-app/gradio
Vulnerability Description
A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an attacker can deplete the system's disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Gradio 跨站请求伪造漏洞
Vulnerability Description
Gradio是一个开源 Python 库,是通过友好的 Web 界面演示机器学习模型的方法。 Gradio存在跨站请求伪造漏洞,该漏洞源于容易受到跨站请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A