CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1183

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the presence of a 'Location' header or a 'File not allowed' error in the response.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.601

EPSS Ranking 98.2%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2024-1183

Gradio Project » Gradio » Version: 3.41.0

cpe:2.3:a:gradio_project:gradio:3.41.0
Gradio Project » Gradio » Version: 3.41.1

cpe:2.3:a:gradio_project:gradio:3.41.1
Gradio Project » Gradio » Version: 3.41.2

cpe:2.3:a:gradio_project:gradio:3.41.2
Gradio Project » Gradio » Version: 3.42.0

cpe:2.3:a:gradio_project:gradio:3.42.0
Gradio Project » Gradio » Version: 3.43.0

cpe:2.3:a:gradio_project:gradio:3.43.0
Gradio Project » Gradio » Version: 3.43.1

cpe:2.3:a:gradio_project:gradio:3.43.1
Gradio Project » Gradio » Version: 3.43.2

cpe:2.3:a:gradio_project:gradio:3.43.2
Gradio Project » Gradio » Version: 3.44.0

cpe:2.3:a:gradio_project:gradio:3.44.0
Gradio Project » Gradio » Version: 3.44.1

cpe:2.3:a:gradio_project:gradio:3.44.1
Gradio Project » Gradio » Version: 3.44.2

cpe:2.3:a:gradio_project:gradio:3.44.2
Gradio Project » Gradio » Version: 3.44.3

cpe:2.3:a:gradio_project:gradio:3.44.3
Gradio Project » Gradio » Version: 3.44.4

cpe:2.3:a:gradio_project:gradio:3.44.4
Gradio Project » Gradio » Version: 3.45.0

cpe:2.3:a:gradio_project:gradio:3.45.0
Gradio Project » Gradio » Version: 3.45.1

cpe:2.3:a:gradio_project:gradio:3.45.1
Gradio Project » Gradio » Version: 3.45.2

cpe:2.3:a:gradio_project:gradio:3.45.2
Gradio Project » Gradio » Version: 3.46.0

cpe:2.3:a:gradio_project:gradio:3.46.0
Gradio Project » Gradio » Version: 3.46.1

cpe:2.3:a:gradio_project:gradio:3.46.1
Gradio Project » Gradio » Version: 3.47.0

cpe:2.3:a:gradio_project:gradio:3.47.0
Gradio Project » Gradio » Version: 3.47.1

cpe:2.3:a:gradio_project:gradio:3.47.1
Gradio Project » Gradio » Version: 3.48.0

cpe:2.3:a:gradio_project:gradio:3.48.0
Gradio Project » Gradio » Version: 3.49.0

cpe:2.3:a:gradio_project:gradio:3.49.0
Gradio Project » Gradio » Version: 3.50.0

cpe:2.3:a:gradio_project:gradio:3.50.0
Gradio Project » Gradio » Version: 3.50.1

cpe:2.3:a:gradio_project:gradio:3.50.1
Gradio Project » Gradio » Version: 3.50.2

cpe:2.3:a:gradio_project:gradio:3.50.2
Gradio Project » Gradio » Version: 4.0.0

cpe:2.3:a:gradio_project:gradio:4.0.0
Gradio Project » Gradio » Version: 4.0.1

cpe:2.3:a:gradio_project:gradio:4.0.1
Gradio Project » Gradio » Version: 4.0.2

cpe:2.3:a:gradio_project:gradio:4.0.2
Gradio Project » Gradio » Version: 4.1.0

cpe:2.3:a:gradio_project:gradio:4.1.0
Gradio Project » Gradio » Version: 4.1.1

cpe:2.3:a:gradio_project:gradio:4.1.1
Gradio Project » Gradio » Version: 4.1.2

cpe:2.3:a:gradio_project:gradio:4.1.2
Gradio Project » Gradio » Version: 4.10.0

cpe:2.3:a:gradio_project:gradio:4.10.0
Gradio Project » Gradio » Version: 4.2.0

cpe:2.3:a:gradio_project:gradio:4.2.0
Gradio Project » Gradio » Version: 4.3.0

cpe:2.3:a:gradio_project:gradio:4.3.0
Gradio Project » Gradio » Version: 4.4.0

cpe:2.3:a:gradio_project:gradio:4.4.0
Gradio Project » Gradio » Version: 4.4.1

cpe:2.3:a:gradio_project:gradio:4.4.1
Gradio Project » Gradio » Version: 4.5.0

cpe:2.3:a:gradio_project:gradio:4.5.0
Gradio Project » Gradio » Version: 4.6.0

cpe:2.3:a:gradio_project:gradio:4.6.0
Gradio Project » Gradio » Version: 4.7.0

cpe:2.3:a:gradio_project:gradio:4.7.0
Gradio Project » Gradio » Version: 4.8.0

cpe:2.3:a:gradio_project:gradio:4.8.0
Gradio Project » Gradio » Version: 4.9.0

cpe:2.3:a:gradio_project:gradio:4.9.0
Gradio Project » Gradio » Version: 4.9.1

cpe:2.3:a:gradio_project:gradio:4.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1183

Products

Pricing

Contact Us