Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces
Malware and Vulnerabilities
June 15, 2024
Horizon3
Two high-severity vulnerabilities were disclosed to Hugging Face. CVE-2023-51449 is a path traversal vulnerability in the file endpoint whereas CVE-2024-1561 arises from an input validation flaw in the component_server API endpoint.
Read More
File Read Vulnerabilities
Gradio
Hugging Face
Hugging Face Spaces
Secrets Leak
Publisher
Previous
AWS Adds Passkeys Support, Warns Root Users Must Enable ...
Security Products & Services
Next
Critical Security Gaps Uncovered in Open Source AI/ML T ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/fbe2_shutterstock_1584762601.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/c3fe_shutterstock_2246673789.jpg)
