Количество 2
Количество 2
CVE-2025-5320
A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function is_valid_origin of the component CORS Handler. The manipulation of the argument localhost_aliases leads to erweiterte Rechte. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-wmjh-cpqj-4v6x
Gradio CORS Origin Validation Bypass Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-5320 A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function is_valid_origin of the component CORS Handler. The manipulation of the argument localhost_aliases leads to erweiterte Rechte. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | CVSS3: 3.7 | 0% Низкий | 9 месяцев назад |
| GHSA-wmjh-cpqj-4v6x Gradio CORS Origin Validation Bypass Vulnerability | CVSS3: 3.7 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу