{"id":"CVE-2024-2206","details":"An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and `/config` routes, allowing the addition of arbitrary URLs for proxying. This flaw enables unauthorized proxying of requests and potential access to internal endpoints within the Hugging Face space. The issue arises from the application's inadequate checking of safe URLs in the `build_proxy_request` function.","aliases":["GHSA-r364-m2j9-mf4h"],"modified":"2026-03-13T07:50:07.731225Z","published":"2024-03-27T01:15:46.613Z","references":[{"type":"FIX","url":"https://github.com/gradio-app/gradio/commit/49d9c48537aa706bf72628e3640389470138bdc6"},{"type":"EVIDENCE","url":"https://huntr.com/bounties/2286c1ed-b889-45d6-adda-7014ea06d98e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gradio-app/gradio","events":[{"introduced":"1265a9ac134f867f4187c1f7d15ab27dbdf7503b"},{"fixed":"bb4126cc243bb3d198b16b85bef867ede830ecaf"},{"fixed":"49d9c48537aa706bf72628e3640389470138bdc6"}],"database_specific":{"versions":[{"introduced":"3.47.1"},{"fixed":"4.18.0"}]}}],"versions":["@gradio/accordion@0.3.0","@gradio/annotatedimage@0.4.4","@gradio/app@1.23.0","@gradio/atoms@0.2.0","@gradio/atoms@0.2.0-beta.6","@gradio/atoms@0.2.1","@gradio/atoms@0.2.2","@gradio/atoms@0.3.0","@gradio/atoms@0.3.1","@gradio/atoms@0.4.0","@gradio/atoms@0.4.1","@gradio/atoms@0.5.0","@gradio/atoms@0.5.1","@gradio/audio@0.4.0","@gradio/audio@0.4.0-beta.9","@gradio/audio@0.4.1","@gradio/audio@0.4.2","@gradio/audio@0.4.3","@gradio/audio@0.5.0","@gradio/audio@0.5.1","@gradio/audio@0.5.2","@gradio/audio@0.5.3","@gradio/audio@0.5.4","@gradio/audio@0.5.5","@gradio/audio@0.6.0","@gradio/audio@0.6.1","@gradio/audio@0.6.2","@gradio/audio@0.6.3","@gradio/audio@0.6.4","@gradio/audio@0.7.0","@gradio/audio@0.7.1","@gradio/audio@0.7.2","@gradio/audio@0.8.0","@gradio/audio@0.8.1","@gradio/box@0.1.0","@gradio/box@0.1.0-beta.7","@gradio/box@0.1.1","@gradio/box@0.1.2","@gradio/box@0.1.3","@gradio/box@0.1.4","@gradio/box@0.1.5","@gradio/box@0.1.6","@gradio/box@0.1.7","@gradio/box@0.1.8","@gradio/button@0.2.0","@gradio/button@0.2.0-beta.7","@gradio/button@0.2.1","@gradio/button@0.2.10","@gradio/button@0.2.11","@gradio/button@0.2.12","@gradio/button@0.2.13","@gradio/button@0.2.14","@gradio/button@0.2.15","@gradio/button@0.2.16","@gradio/button@0.2.17","@gradio/button@0.2.18","@gradio/button@0.2.19","@gradio/button@0.2.2","@gradio/button@0.2.3","@gradio/button@0.2.4","@gradio/button@0.2.5","@gradio/button@0.2.6","@gradio/button@0.2.7","@gradio/button@0.2.8","@gradio/button@0.2.9","@gradio/cdn-test@0.0.1","@gradio/chatbot@0.4.0","@gradio/chatbot@0.4.0-beta.9","@gradio/chatbot@0.4.1","@gradio/chatbot@0.4.2","@gradio/chatbot@0.4.3","@gradio/chatbot@0.4.4","@gradio/chatbot@0.4.5","@gradio/chatbot@0.4.6","@gradio/chatbot@0.4.7","@gradio/chatbot@0.4.8","@gradio/chatbot@0.5.0","@gradio/chatbot@0.5.1","@gradio/chatbot@0.5.2","@gradio/chatbot@0.5.3","@gradio/chatbot@0.5.4","@gradio/chatbot@0.5.5","@gradio/chatbot@0.5.6","@gradio/chatbot@0.6.0","@gradio/chatbot@0.6.1","@gradio/chatbot@0.6.2","@gradio/chatbot@0.6.3","@gradio/chatbot@0.6.4","@gradio/checkbox@0.2.0","@gradio/checkbox@0.2.0-beta.8","@gradio/checkbox@0.2.1","@gradio/checkbox@0.2.2","@gradio/checkbox@0.2.3","@gradio/checkbox@0.2.4","@gradio/checkbox@0.2.5","@gradio/checkbox@0.2.6","@gradio/checkbox@0.2.7","@gradio/checkbox@0.2.8","@gradio/checkboxgroup@0.3.0","@gradio/checkboxgroup@0.3.0-beta.8","@gradio/checkboxgroup@0.3.1","@gradio/checkboxgroup@0.3.2","@gradio/checkboxgroup@0.3.3","@gradio/checkboxgroup@0.3.4","@gradio/checkboxgroup@0.3.5","@gradio/checkboxgroup@0.3.6","@gradio/checkboxgroup@0.3.7","@gradio/checkboxgroup@0.3.8","@gradio/checkboxgroup@0.4.0","@gradio/checkboxgroup@0.4.1","@gradio/checkboxgroup@0.4.2","@gradio/client@0.10.0","@gradio/client@0.10.1","@gradio/client@0.11.0","@gradio/client@0.5.1","@gradio/client@0.5.2","@gradio/client@0.6.0","@gradio/client@0.7.0","@gradio/client@0.7.0-beta.1","@gradio/client@0.7.1","@gradio/client@0.7.2","@gradio/client@0.8.0","@gradio/client@0.8.1","@gradio/client@0.8.2","@gradio/client@0.9.0","@gradio/client@0.9.1","@gradio/client@0.9.2","@gradio/client@0.9.3","@gradio/client@0.9.4","@gradio/code@0.2.0","@gradio/code@0.2.0-beta.8","@gradio/code@0.2.1","@gradio/code@0.2.2","@gradio/code@0.2.3","@gradio/code@0.2.4","@gradio/code@0.2.5","@gradio/code@0.2.6","@gradio/code@0.2.7","@gradio/code@0.2.8","@gradio/code@0.2.9","@gradio/code@0.3.0","@gradio/code@0.3.1","@gradio/code@0.3.2","@gradio/code@0.3.3","@gradio/code@0.3.4","@gradio/code@0.3.5","@gradio/code@0.3.6","@gradio/code@0.3.7","@gradio/code@0.3.8","@gradio/code@0.4.0","@gradio/colorpicker@0.2.0","@gradio/colorpicker@0.2.0-beta.8","@gradio/colorpicker@0.2.1","@gradio/colorpicker@0.2.2","@gradio/colorpicker@0.2.3","@gradio/colorpicker@0.2.4","@gradio/colorpicker@0.2.5","@gradio/colorpicker@0.2.6","@gradio/colorpicker@0.2.7","@gradio/colorpicker@0.2.8","@gradio/column@0.1.0","@gradio/column@0.1.0-beta.3","@gradio/dataframe@0.3.0","@gradio/dataframe@0.3.0-beta.8","@gradio/dataframe@0.3.1","@gradio/dataframe@0.3.10","@gradio/dataframe@0.3.11","@gradio/dataframe@0.3.2","@gradio/dataframe@0.3.3","@gradio/dataframe@0.3.4","@gradio/dataframe@0.3.5","@gradio/dataframe@0.3.6","@gradio/dataframe@0.3.7","@gradio/dataframe@0.3.8","@gradio/dataframe@0.3.9","@gradio/dataframe@0.4.0","@gradio/dataframe@0.4.1","@gradio/dataframe@0.4.2","@gradio/dataframe@0.4.3","@gradio/dataframe@0.4.4","@gradio/dataframe@0.4.5","@gradio/dataframe@0.4.6","@gradio/dataframe@0.5.0","@gradio/dataframe@0.5.1","@gradio/dataframe@0.6.0","@gradio/dataset@0.1.0","@gradio/dataset@0.1.0-beta.2","@gradio/dataset@0.1.1","@gradio/dataset@0.1.10","@gradio/dataset@0.1.11","@gradio/dataset@0.1.12","@gradio/dataset@0.1.13","@gradio/dataset@0.1.14","@gradio/dataset@0.1.15","@gradio/dataset@0.1.16","@gradio/dataset@0.1.17","@gradio/dataset@0.1.18","@gradio/dataset@0.1.19","@gradio/dataset@0.1.2","@gradio/dataset@0.1.3","@gradio/dataset@0.1.4","@gradio/dataset@0.1.5","@gradio/dataset@0.1.6","@gradio/dataset@0.1.7","@gradio/dataset@0.1.8","@gradio/dataset@0.1.9","@gradio/dropdown@0.3.0","@gradio/dropdown@0.3.0-beta.8","@gradio/dropdown@0.3.1","@gradio/dropdown@0.3.2","@gradio/dropdown@0.3.3","@gradio/dropdown@0.4.0","@gradio/dropdown@0.4.1","@gradio/dropdown@0.4.2","@gradio/dropdown@0.4.3","@gradio/dropdown@0.5.0","@gradio/dropdown@0.5.1","@gradio/dropdown@0.5.2","@gradio/fallback@0.2.0","@gradio/fallback@0.2.0-beta.8","@gradio/fallback@0.2.1","@gradio/fallback@0.2.2","@gradio/fallback@0.2.3","@gradio/fallback@0.2.4","@gradio/fallback@0.2.5","@gradio/fallback@0.2.6","@gradio/fallback@0.2.7","@gradio/fallback@0.2.8","@gradio/file@0.2.0","@gradio/file@0.2.0-beta.8","@gradio/file@0.2.1","@gradio/file@0.2.2","@gradio/file@0.2.3","@gradio/file@0.2.4","@gradio/file@0.2.5","@gradio/file@0.2.6","@gradio/file@0.2.7","@gradio/file@0.3.0","@gradio/file@0.3.1","@gradio/file@0.4.0","@gradio/file@0.4.1","@gradio/file@0.4.2","@gradio/file@0.4.3","@gradio/file@0.4.4","@gradio/file@0.4.5","@gradio/file@0.4.6","@gradio/file@0.4.7","@gradio/file@0.4.8","@gradio/file@0.4.9","@gradio/fileexplorer@0.3.19","@gradio/form@0.1.0","@gradio/form@0.1.0-beta.7","@gradio/form@0.1.1","@gradio/form@0.1.2","@gradio/form@0.1.3","@gradio/form@0.1.4","@gradio/form@0.1.5","@gradio/form@0.1.6","@gradio/form@0.1.7","@gradio/form@0.1.8","@gradio/gallery@0.4.0","@gradio/gallery@0.4.0-beta.9","@gradio/gallery@0.4.1","@gradio/gallery@0.4.10","@gradio/gallery@0.4.11","@gradio/gallery@0.4.12","@gradio/gallery@0.4.13","@gradio/gallery@0.4.14","@gradio/gallery@0.4.15","@gradio/gallery@0.4.16","@gradio/gallery@0.4.17","@gradio/gallery@0.4.2","@gradio/gallery@0.4.3","@gradio/gallery@0.4.4","@gradio/gallery@0.4.5","@gradio/gallery@0.4.6","@gradio/gallery@0.4.7","@gradio/gallery@0.4.8","@gradio/gallery@0.4.9","@gradio/gallery@0.5.0","@gradio/gallery@0.6.0","@gradio/gallery@0.6.1","@gradio/group@0.1.0","@gradio/group@0.1.0-beta.2","@gradio/highlightedtext@0.4.0","@gradio/highlightedtext@0.4.0-beta.8","@gradio/highlightedtext@0.4.1","@gradio/highlightedtext@0.4.2","@gradio/highlightedtext@0.4.3","@gradio/highlightedtext@0.4.4","@gradio/highlightedtext@0.4.5","@gradio/highlightedtext@0.4.6","@gradio/highlightedtext@0.4.7","@gradio/highlightedtext@0.4.8","@gradio/html@0.1.0","@gradio/html@0.1.0-beta.8","@gradio/html@0.1.1","@gradio/html@0.1.2","@gradio/html@0.1.3","@gradio/html@0.1.4","@gradio/html@0.1.5","@gradio/html@0.1.6","@gradio/html@0.1.7","@gradio/html@0.1.8","@gradio/icons@0.2.0","@gradio/icons@0.2.0-beta.3","@gradio/icons@0.2.1","@gradio/icons@0.3.0","@gradio/icons@0.3.1","@gradio/icons@0.3.2","@gradio/image@0.3.0","@gradio/image@0.3.0-beta.9","@gradio/image@0.3.1","@gradio/image@0.3.2","@gradio/image@0.3.3","@gradio/image@0.3.4","@gradio/image@0.3.5","@gradio/image@0.3.6","@gradio/image@0.4.0","@gradio/image@0.4.1","@gradio/image@0.4.2","@gradio/image@0.5.0","@gradio/image@0.5.1","@gradio/image@0.5.2","@gradio/image@0.5.3","@gradio/image@0.5.4","@gradio/image@0.6.0","@gradio/image@0.6.1","@gradio/image@0.7.0","@gradio/image@0.7.1","@gradio/image@0.8.0","@gradio/imageeditor@0.0.1","@gradio/imageeditor@0.1.0","@gradio/imageeditor@0.1.1","@gradio/imageeditor@0.1.2","@gradio/imageeditor@0.1.3","@gradio/imageeditor@0.1.4","@gradio/imageeditor@0.1.5","@gradio/imageeditor@0.2.0","@gradio/imageeditor@0.2.1","@gradio/imageeditor@0.2.2","@gradio/imageeditor@0.2.3","@gradio/imageeditor@0.3.0","@gradio/imageeditor@0.3.1","@gradio/imageeditor@0.3.2","@gradio/json@0.1.0","@gradio/json@0.1.0-beta.8","@gradio/json@0.1.1","@gradio/json@0.1.2","@gradio/json@0.1.3","@gradio/json@0.1.4","@gradio/json@0.1.5","@gradio/json@0.1.6","@gradio/json@0.1.7","@gradio/json@0.1.8","@gradio/label@0.2.0","@gradio/label@0.2.0-beta.8","@gradio/label@0.2.1","@gradio/label@0.2.2","@gradio/label@0.2.3","@gradio/label@0.2.4","@gradio/label@0.2.5","@gradio/label@0.2.6","@gradio/label@0.2.7","@gradio/label@0.2.8","@gradio/lite@0.3.2","@gradio/lite@0.4.0","@gradio/lite@0.4.1","@gradio/lite@0.4.2","@gradio/lite@0.4.3","@gradio/lite@4.14.0","@gradio/lite@4.14.1","@gradio/markdown@0.3.0","@gradio/markdown@0.3.0-beta.8","@gradio/markdown@0.3.1","@gradio/markdown@0.3.2","@gradio/markdown@0.3.3","@gradio/markdown@0.3.4","@gradio/markdown@0.4.0","@gradio/markdown@0.4.1","@gradio/markdown@0.5.0","@gradio/markdown@0.6.0","@gradio/markdown@0.6.1","@gradio/markdown@0.6.2","@gradio/model3d@0.3.0","@gradio/model3d@0.3.0-beta.8","@gradio/model3d@0.3.1","@gradio/model3d@0.4.0","@gradio/model3d@0.4.1","@gradio/model3d@0.4.10","@gradio/model3d@0.4.11","@gradio/model3d@0.4.12","@gradio/model3d@0.4.13","@gradio/model3d@0.4.14","@gradio/model3d@0.4.15","@gradio/model3d@0.4.2","@gradio/model3d@0.4.3","@gradio/model3d@0.4.4","@gradio/model3d@0.4.5","@gradio/model3d@0.4.6","@gradio/model3d@0.4.7","@gradio/model3d@0.4.8","@gradio/model3d@0.4.9","@gradio/model3d@0.5.0","@gradio/model3d@0.6.0","@gradio/number@0.3.0","@gradio/number@0.3.0-beta.8","@gradio/number@0.3.1","@gradio/number@0.3.2","@gradio/number@0.3.3","@gradio/number@0.3.4","@gradio/number@0.3.5","@gradio/number@0.3.6","@gradio/number@0.3.7","@gradio/number@0.3.8","@gradio/paramviewer@0.3.0","@gradio/paramviewer@0.4.0","@gradio/paramviewer@0.4.1","@gradio/plot@0.2.0","@gradio/plot@0.2.0-beta.8","@gradio/plot@0.2.1","@gradio/plot@0.2.2","@gradio/plot@0.2.3","@gradio/plot@0.2.4","@gradio/plot@0.2.5","@gradio/plot@0.2.6","@gradio/plot@0.2.7","@gradio/plot@0.3.0","@gradio/preview@0.1.0","@gradio/preview@0.1.0-beta.8","@gradio/preview@0.1.1","@gradio/preview@0.2.0","@gradio/preview@0.2.1","@gradio/preview@0.2.2","@gradio/preview@0.3.0","@gradio/preview@0.4.0","@gradio/preview@0.5.0","@gradio/preview@0.6.0","@gradio/preview@0.7.0","@gradio/radio@0.3.0","@gradio/radio@0.3.0-beta.8","@gradio/radio@0.3.1","@gradio/radio@0.3.2","@gradio/radio@0.3.3","@gradio/radio@0.3.4","@gradio/radio@0.3.5","@gradio/radio@0.3.6","@gradio/radio@0.3.7","@gradio/radio@0.4.0","@gradio/radio@0.4.1","@gradio/radio@0.4.2","@gradio/row@0.1.0","@gradio/row@0.1.0-beta.2","@gradio/row@0.1.1","@gradio/simpledropdown@0.1.0","@gradio/simpledropdown@0.1.0-beta.3","@gradio/simpledropdown@0.1.1","@gradio/simpledropdown@0.1.2","@gradio/simpledropdown@0.1.3","@gradio/simpledropdown@0.1.4","@gradio/simpledropdown@0.1.5","@gradio/simpledropdown@0.1.6","@gradio/simpledropdown@0.1.7","@gradio/simpledropdown@0.1.8","@gradio/simpleimage@0.2.0","@gradio/simpletextbox@0.1.0","@gradio/simpletextbox@0.1.0-beta.2","@gradio/simpletextbox@0.1.1","@gradio/simpletextbox@0.1.2","@gradio/simpletextbox@0.1.3","@gradio/simpletextbox@0.1.4","@gradio/simpletextbox@0.1.5","@gradio/simpletextbox@0.1.6","@gradio/simpletextbox@0.1.7","@gradio/simpletextbox@0.1.8","@gradio/slider@0.2.0","@gradio/slider@0.2.0-beta.8","@gradio/slider@0.2.1","@gradio/slider@0.2.2","@gradio/slider@0.2.3","@gradio/slider@0.2.4","@gradio/slider@0.2.5","@gradio/slider@0.2.6","@gradio/slider@0.2.7","@gradio/slider@0.2.8","@gradio/spaces-test@0.0.1","@gradio/state@0.1.0","@gradio/state@0.1.0-beta.2","@gradio/statustracker@0.3.0","@gradio/statustracker@0.3.0-beta.8","@gradio/statustracker@0.3.1","@gradio/statustracker@0.3.2","@gradio/statustracker@0.4.0","@gradio/statustracker@0.4.1","@gradio/statustracker@0.4.2","@gradio/statustracker@0.4.3","@gradio/statustracker@0.4.4","@gradio/statustracker@0.4.5","@gradio/storybook@0.3.0","@gradio/tabitem@0.1.0","@gradio/tabitem@0.1.0-beta.8","@gradio/tabitem@0.2.0","@gradio/tabitem@0.2.1","@gradio/tabitem@0.2.2","@gradio/tabs@0.1.0","@gradio/tabs@0.1.0-beta.8","@gradio/tabs@0.2.0","@gradio/tabs@0.2.1","@gradio/tabs@0.2.2","@gradio/textbox@0.4.0","@gradio/textbox@0.4.0-beta.8","@gradio/textbox@0.4.1","@gradio/textbox@0.4.2","@gradio/textbox@0.4.3","@gradio/textbox@0.4.4","@gradio/textbox@0.4.5","@gradio/textbox@0.4.6","@gradio/textbox@0.4.7","@gradio/textbox@0.4.8","@gradio/textbox@0.4.9","@gradio/theme@0.2.0","@gradio/theme@0.2.0-beta.2","@gradio/tooltip@0.1.0","@gradio/tooltip@0.1.0-beta.2","@gradio/tootils@0.1.0","@gradio/tootils@0.1.0-beta.7","@gradio/tootils@0.1.1","@gradio/tootils@0.1.2","@gradio/tootils@0.1.3","@gradio/tootils@0.1.4","@gradio/tootils@0.1.5","@gradio/tootils@0.1.6","@gradio/tootils@0.1.7","@gradio/tootils@0.1.8","@gradio/tootils@0.1.9","@gradio/upload@0.3.0","@gradio/upload@0.3.0-beta.6","@gradio/upload@0.3.1","@gradio/upload@0.3.2","@gradio/upload@0.3.3","@gradio/upload@0.4.0","@gradio/upload@0.4.1","@gradio/upload@0.4.2","@gradio/upload@0.5.0","@gradio/upload@0.5.1","@gradio/upload@0.5.2","@gradio/upload@0.5.3","@gradio/upload@0.5.4","@gradio/upload@0.5.5","@gradio/upload@0.5.6","@gradio/upload@0.5.7","@gradio/upload@0.5.8","@gradio/upload@0.6.0","@gradio/upload@0.6.1","@gradio/upload@0.7.0","@gradio/upload@0.7.1","@gradio/uploadbutton@0.1.0","@gradio/uploadbutton@0.1.0-beta.7","@gradio/uploadbutton@0.1.1","@gradio/uploadbutton@0.1.2","@gradio/uploadbutton@0.1.3","@gradio/uploadbutton@0.1.4","@gradio/uploadbutton@0.1.5","@gradio/uploadbutton@0.2.0","@gradio/uploadbutton@0.2.1","@gradio/uploadbutton@0.2.2","@gradio/uploadbutton@0.3.0","@gradio/uploadbutton@0.3.1","@gradio/uploadbutton@0.3.2","@gradio/uploadbutton@0.3.3","@gradio/uploadbutton@0.3.4","@gradio/uploadbutton@0.3.5","@gradio/uploadbutton@0.4.0","@gradio/uploadbutton@0.4.1","@gradio/uploadbutton@0.4.2","@gradio/uploadbutton@0.4.3","@gradio/uploadbutton@0.4.4","@gradio/utils@0.2.0","@gradio/utils@0.2.0-beta.6","@gradio/utils@0.2.1","@gradio/utils@0.2.2","@gradio/video@0.1.0","@gradio/video@0.1.0-beta.9","@gradio/video@0.1.1","@gradio/video@0.1.2","@gradio/video@0.1.3","@gradio/video@0.1.4","@gradio/video@0.1.5","@gradio/video@0.1.6","@gradio/video@0.1.7","@gradio/video@0.1.8","@gradio/video@0.1.9","@gradio/video@0.2.0","@gradio/video@0.2.1","@gradio/video@0.2.2","@gradio/video@0.2.3","@gradio/video@0.2.4","@gradio/video@0.3.0","@gradio/video@0.3.1","@gradio/video@0.4.0","@gradio/video@0.5.0","@gradio/video@0.5.1","@gradio/wasm@0.2.0","@gradio/wasm@0.2.0-beta.2","@gradio/wasm@0.3.0","@gradio/wasm@0.4.0","@gradio/wasm@0.4.1","@gradio/wasm@0.5.0","@gradio/wasm@0.5.1","@gradio/wasm@0.6.0","gradio@3.47.1","gradio@3.48.0","gradio@3.49.0","gradio@3.50.0","gradio@3.50.1","gradio@3.50.2","gradio@4.0.0","gradio@4.0.0-beta.15","gradio@4.0.1","gradio@4.0.2","gradio@4.1.0","gradio@4.1.1","gradio@4.1.2","gradio@4.10.0","gradio@4.11.0","gradio@4.12.0","gradio@4.13.0","gradio@4.14.0","gradio@4.15.0","gradio@4.16.0","gradio@4.17.0","gradio@4.2.0","gradio@4.3.0","gradio@4.4.0","gradio@4.4.1","gradio@4.5.0","gradio@4.6.0","gradio@4.7.0","gradio@4.8.0","gradio@4.9.0","gradio@4.9.1","gradio_client@0.6.1","gradio_client@0.7.0","gradio_client@0.7.0-beta.2","gradio_client@0.7.1","gradio_client@0.7.2","gradio_client@0.7.3","gradio_client@0.8.0","gradio_client@0.8.1","gradio_client@0.9.0","gradio_test@0.3.5","website@0.23.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2206.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}