Описание
A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gradio:video:0.10.2:*:*:*:*:gradio:*:*
EPSS
Процентиль: 45%
0.00221
Низкий
7.5 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-770
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
11 месяцев назад
Gradio DOS in multipart boundry while uploading the file
EPSS
Процентиль: 45%
0.00221
Низкий
7.5 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-770
NVD-CWE-noinfo