Risk grade: F (100 / 100)
Findings: 306 (4 critical, 38 high, 167 medium, 35 low, 62 info; 0 on CISA KEV; 0 ATT&CK)
Showing 306 of 306 findings
Findings
- Gradio Blocked Path ACL Bypass Vulnerability (grype; CVE-2025-23042; EPSS 0.1%)
- shell-quote quote() does not escape newlines in object .op values (grype; CVE-2026-9277; EPSS 0.1%)
- Gradio Blocked Path ACL Bypass Vulnerability (trivy; CVE-2025-23042): Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or d…
- shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (trivy; CVE-2026-9277): shell-quote's `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\n, \r, U+2028, U+2029). A line te…
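The mechanism behind the shell-quote finding, as an added example that is not the library's source: a simplified model of `quote()` in which operator tokens are escaped with `/(.)/g`, next to a variant that validates the token against an operator allow-list before escaping. The `KNOWN_OPS` set, the `quoteWord` helper and the sample argument arrays are assumptions made for this illustration.

```javascript
// Added example: simplified model of the quote() behaviour described in the finding.
// Not shell-quote's source; KNOWN_OPS is an assumed allow-list for illustration.
const LINE_TERMINATORS = /[\n\r\u2028\u2029]/;

// Minimal word quoting: pass plainly safe words through, single-quote everything else.
function quoteWord(s) {
  if (s === '') return "''";
  if (/^[A-Za-z0-9_\/.=-]+$/.test(s)) return s;
  return "'" + s.replace(/'/g, "'\\''") + "'";
}

function isOpToken(s) {
  return s !== null && typeof s === 'object' && Object.prototype.hasOwnProperty.call(s, 'op');
}

// Vulnerable variant: .op is escaped with /(.)/g, and '.' never matches a line terminator,
// so {op: '\n'} is emitted as a bare newline that ends the command.
function quoteVulnerable(xs) {
  return xs
    .map((s) => (isOpToken(s) ? String(s.op).replace(/(.)/g, '\\$1') : quoteWord(String(s))))
    .join(' ');
}

// Operator tokens parse() is assumed to emit; anything else never reaches the shell.
const KNOWN_OPS = new Set(['|', '||', '&&', ';', ';;', '&', '|&', '(', ')', '<', '>', '>>', '<<', '>&', '<&', '<(']);

// Hardened variant: validate the token against the operator model first. The escaping is
// then only ever applied to strings that contain no line terminators.
function quoteHardened(xs) {
  return xs
    .map((s) => {
      if (isOpToken(s)) {
        if (typeof s.op !== 'string' || !KNOWN_OPS.has(s.op)) {
          throw new TypeError('unknown operator token: ' + JSON.stringify(s.op));
        }
        return s.op.replace(/(.)/g, '\\$1');
      }
      return quoteWord(String(s));
    })
    .join(' ');
}

// True when the emitted command string still contains a raw line terminator.
function hasBareLineTerminator(cmd) {
  return LINE_TERMINATORS.test(cmd);
}
```

Escaping alone would not be a fix here: in POSIX shells a backslash followed by a newline is a line continuation, so the safe move is to reject any `.op` that is not a known operator, as the hardened variant does.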
- Detected generic-api-key (gitleaks; 8 findings): Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
- @actions/download-artifact has an Arbitrary File Write via artifact extraction (grype)
- Allocation of Resources Without Limits or Throttling in Axios (grype; CVE-2026-44488)
- axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy` (grype; CVE-2026-44494)
- Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter (grype; CVE-2026-44487)
- Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection (grype; CVE-2026-44486)
- Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection (grype; CVE-2026-44496)
- axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718) (grype; CVE-2026-44492)
- Gradio DoS in multipart boundary while uploading the file (grype; CVE-2024-8966; EPSS 0.3%)
- Gradio has SSRF via Malicious `proxy_url` Injection in `gr.load()` Config Processing (grype; CVE-2026-28416; EPSS 0.0%)
- Gradio is Vulnerable to Absolute Path Traversal on Windows with Python 3.13+ (grype; CVE-2026-28414; EPSS 4.2%)
- Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing (grype; CVE-2026-31812; EPSS 0.2%)
- rustls-webpki: Denial of service via panic on malformed CRL BIT STRING (grype; 2 findings)
- WASM3 Improper Input Validation vulnerability (grype; CVE-2022-39974; EPSS 0.3%)
- Allocation of Resources Without Limits or Throttling in Axios (trivy; CVE-2026-44488): Axios versions `1.7.0` through `1.15.x` did not enforce configured request and response size limits when requests were sent with the `fetch` adapter. Applications that selected `adapter: 'fetch'`, or ran in environments where axios resolved to the fetch adapter, could…
- axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy` (trivy; CVE-2026-44494): The Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any `Object.prototype` pollution in the application's dependency tree to be escala…
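How a `config.proxy` gadget works, as an added example that is not axios code: a naive lookup reads `config.proxy` through the prototype chain, so a polluted `Object.prototype.proxy` (standing in for a pollution bug elsewhere in the dependency tree) silently supplies an attacker-chosen proxy; the hardened lookup only honours an own property and validates its shape. The `withPollutedPrototype` helper and the `attacker.test` payload are constructed for the demonstration.

```javascript
// Added example, not axios source: a prototype-pollution gadget on `config.proxy`
// and an own-property check that closes it.

// Naive lookup: `config.proxy` walks the prototype chain, so a polluted prototype supplies the value.
function resolveProxyNaive(config) {
  return config.proxy === undefined ? null : config.proxy;
}

// Hardened lookup: only an own property counts, and its shape is validated before use.
function resolveProxyHardened(config) {
  if (!Object.prototype.hasOwnProperty.call(config, 'proxy')) return null;
  const p = config.proxy;
  if (p === false || p === null || p === undefined) return null;
  if (typeof p !== 'object' || typeof p.host !== 'string') {
    throw new TypeError('proxy must be an object with a string host');
  }
  const port = Number(p.port);
  if (!Number.isInteger(port) || port < 1 || port > 65535) throw new TypeError('invalid proxy port');
  return { host: p.host, port };
}

// Runs fn() while Object.prototype.proxy is set to payload (assumed gadget: another
// dependency's pollution bug), then removes the pollution so nothing leaks out of the demo.
function withPollutedPrototype(payload, fn) {
  Object.defineProperty(Object.prototype, 'proxy', {
    value: payload, configurable: true, writable: true, enumerable: false,
  });
  try {
    return fn();
  } finally {
    delete Object.prototype.proxy;
  }
}
```

Building the request config with `Object.create(null)` removes the prototype chain altogether and is the other common defence; the own-property check above works with ordinary object literals, which is what callers usually pass.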
- Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter (trivy; CVE-2026-44487): Axios's Node.js HTTP adapter may forward a `Proxy-Authorization` header to a redirected origin during specific proxy-to-direct redirect flows. This affects Node.js usage, where an initial HTTP request is sent through an authenticated HTTP proxy, redirects are followe…
- Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection (trivy; CVE-2026-44486): Axios' Node.js HTTP adapter can leak proxy credentials to a redirect target in affected versions. When a request is sent through an authenticated proxy, Axios may add a `Proxy-Authorization` header. If Axios then follows a redirect and the redirected request is no lo…
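The redirect flow in the two Proxy-Authorization findings above, as an added example that is not axios code: an http request goes through an authenticated proxy, the server redirects to https, and the proxy policy says https is fetched directly. The leaky variant replays the original headers to the new target; the fixed variant re-evaluates the proxy for the new URL, never carries `Proxy-Authorization` across hops, and only adds a fresh one when the new hop actually uses a proxy. The `proxyFor` policy, hostnames and credentials are constructed for the illustration.

```javascript
// Added example, not axios source: header handling when a proxied request is redirected.

// Proxy policy assumed for the example: plain http goes via an authenticated proxy, https is direct.
function proxyFor(url) {
  return url.protocol === 'http:' ? { host: 'proxy.internal', port: 3128, auth: 'user:secret' } : null;
}

function proxyAuthHeader(proxy) {
  return 'Basic ' + btoa(proxy.auth);
}

// Leaky behaviour: the original headers, Proxy-Authorization included, are replayed to the target.
function followRedirectNaive(original, location) {
  const nextUrl = new URL(location, original.url);
  return { url: nextUrl.href, proxy: proxyFor(nextUrl), headers: { ...original.headers } };
}

// Fixed behaviour: re-evaluate the proxy for the new URL, drop the previous hop's proxy
// credentials, drop Authorization when the host changes, and only add Proxy-Authorization
// when the new hop goes through a proxy.
function followRedirectSafe(original, location) {
  const prevUrl = new URL(original.url);
  const nextUrl = new URL(location, original.url);
  const nextProxy = proxyFor(nextUrl);
  const headers = {};
  for (const [name, value] of Object.entries(original.headers)) {
    const key = name.toLowerCase();
    if (key === 'proxy-authorization') continue; // never carried across hops
    if (key === 'authorization' && prevUrl.hostname !== nextUrl.hostname) continue; // not to another host
    headers[name] = value;
  }
  if (nextProxy && nextProxy.auth) headers['Proxy-Authorization'] = proxyAuthHeader(nextProxy);
  return { url: nextUrl.href, proxy: nextProxy, headers };
}

function hasHeader(headers, name) {
  return Object.keys(headers).some((k) => k.toLowerCase() === name.toLowerCase());
}
```

Dropping `Authorization` on a hostname change is a design choice for this example (browsers and Node's fetch drop it on any cross-origin redirect); the point the findings make is narrower: proxy credentials belong to the hop, not the request, so they must be recomputed on every redirect.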
- Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection (trivy; CVE-2026-44496): Axios versions before `0.32.0` on the `0.x` line and before `1.16.0` on the `1.x` line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie nam…
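The cookie-name injection behind the ReDoS finding, as an added example that is not axios code: a lookup regex built by interpolating the configured name raw, next to one that escapes the name first. With raw interpolation a name such as `X.*` rewrites the pattern and reads a different cookie, an unbalanced name like `a(b` throws, and a name with nested quantifiers (for instance `(a+)+$`) yields a pattern that backtracks catastrophically on a long cookie string; the escaped form can do none of these. The sample cookie strings are constructed for the test.

```javascript
// Added example, not axios source: the XSRF cookie lookup pattern the finding describes,
// once with the configured name interpolated raw and once with its metacharacters escaped.
function escapeRegExp(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Raw interpolation: metacharacters in the name change the pattern itself.
function buildCookieRegexRaw(name) {
  return new RegExp('(^|;\\s*)(' + name + ')=([^;]*)');
}

// Escaped: the name can only ever match itself literally, so it cannot introduce
// quantifiers (no catastrophic backtracking) or alter which cookie is read.
function buildCookieRegexSafe(name) {
  return new RegExp('(^|;\\s*)(' + escapeRegExp(name) + ')=([^;]*)');
}

// Reads one cookie value from a Cookie header string (document.cookie in a browser).
function readCookie(cookieHeader, name, build = buildCookieRegexSafe) {
  const m = build(name).exec(cookieHeader);
  return m ? decodeURIComponent(m[3]) : null;
}
```

The catastrophic case is deliberately not executed here; the test only shows that the raw pattern is controlled by the name, which is the root cause, and that escaping removes that control.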
- axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718) (trivy; CVE-2026-44492): shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NO_PROXY lists an IPv4 address such as `127.0.0.1` or `169.254.169.254`, a request URL using the IPv4-mapped IPv6 form (`::ffff:7f00:1`, `::ffff:a9fe:a9…
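The normalisation the finding says is missing, as an added example that is not axios's `shouldBypassProxy`: IPv4-mapped IPv6 spellings (`::ffff:7f00:1`, `::ffff:127.0.0.1`, the fully written `0:0:0:0:0:ffff:…` form, with or without URL brackets) are folded to dotted-quad before the host is compared against NO_PROXY. The naive check compares the raw string and therefore misses an IPv4 entry; the fixed check normalises first. The NO_PROXY matching rules (wildcard, exact host, domain suffix) are a simplified assumption for the example and ignore port suffixes.

```javascript
// Added example, not axios source: normalise the request host before consulting NO_PROXY,
// so an IPv4-mapped IPv6 spelling of an IPv4 address cannot slip past an IPv4 entry.

// ::ffff:a.b.c.d, ::ffff:hhhh:hhhh or 0:0:0:0:0:ffff:... become dotted-quad; other hosts pass through lowercased.
function normalizeHost(host) {
  let h = String(host).trim().toLowerCase();
  if (h.startsWith('[') && h.endsWith(']')) h = h.slice(1, -1); // URL bracket form
  const mapped = /^(?:::|(?:0{1,4}:){5})ffff:(.+)$/.exec(h);
  if (!mapped) return h;
  const tail = mapped[1];
  if (/^(?:\d{1,3}\.){3}\d{1,3}$/.test(tail)) return tail; // ::ffff:127.0.0.1
  const hex = /^([0-9a-f]{1,4}):([0-9a-f]{1,4})$/.exec(tail); // ::ffff:7f00:1
  if (!hex) return h;
  const hi = parseInt(hex[1], 16);
  const lo = parseInt(hex[2], 16);
  return [hi >> 8, hi & 0xff, lo >> 8, lo & 0xff].join('.');
}

// Simplified NO_PROXY semantics (assumed): '*' matches all, entries match exactly or as a domain suffix.
function matchesNoProxy(host, noProxy) {
  return String(noProxy || '')
    .split(',')
    .map((e) => e.trim().toLowerCase())
    .filter(Boolean)
    .some((entry) => {
      if (entry === '*') return true;
      const e = entry.replace(/^\./, ''); // ".example.com" and "example.com" both cover subdomains
      return host === e || host.endsWith('.' + e);
    });
}

// Incomplete check: compares the raw host string, so ::ffff:7f00:1 never matches 127.0.0.1.
function shouldBypassProxyNaive(host, noProxy) {
  return matchesNoProxy(String(host).trim().toLowerCase(), noProxy);
}

// Fixed check: normalise the host first.
function shouldBypassProxyFixed(host, noProxy) {
  return matchesNoProxy(normalizeHost(host), noProxy);
}
```

A true return means the request goes direct rather than through the proxy, which is what an operator listing `127.0.0.1` or the `169.254.169.254` metadata address in NO_PROXY expects for every spelling of that address.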
- Gradio DoS in multipart boundary while uploading the file (trivy; CVE-2024-8966): A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each charac…
- Gradio is Vulnerable to Absolute Path Traversal on Windows with Python 3.13+ (trivy; CVE-2026-28414): Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Windows with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Py…
- Gradio: Server-Side Request Forgery allows access to internal services via malicious Space loading (trivy; CVE-2026-28416): Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victi…
- Image user should not be 'root' (trivy; docker/Dockerfile.python:0): Running containers as the 'root' user can lead to a container escape. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
- Image user should not be 'root' (trivy; docker/Dockerfile.rust:0): Running containers as the 'root' user can lead to a container escape. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
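What the two Dockerfile findings ask for, as an added example that is not the repository's `docker/Dockerfile.python` or `Dockerfile.rust`: a system account is created during the build and `USER` switches to it before `CMD`, so the process does not run as uid 0. The base image, the `/app` layout and the `app` entrypoint module are assumptions for the illustration.

```dockerfile
# Added example (not the repository's Dockerfile): create an unprivileged user and switch to it.
# Base image, paths and entrypoint module are assumptions for illustration.
FROM python:3.12-slim

# System account with no password, a fixed home and no login shell.
RUN groupadd --system app \
 && useradd --system --gid app --create-home --home-dir /app --shell /usr/sbin/nologin app

WORKDIR /app
COPY --chown=app:app . .
RUN pip install --no-cache-dir -r requirements.txt

# Everything after this line, including CMD, runs as the unprivileged user.
USER app
CMD ["python", "-m", "app"]
```

The same `USER` line resolves the `Dockerfile.rust` finding. Where the runtime stage is a minimal base without `useradd`, a numeric `USER 10001:10001` works without creating an account, and it also lets a Kubernetes `runAsNonRoot` check verify the uid without inspecting the image's `/etc/passwd`.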
- quinn-proto: Denial of Service via crafted QUIC Initial packet (trivy; CVE-2026-31812): Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malf…
- Root file system is not read-only (trivy; logging/fluentd-config.yml:481): An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
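The container settings that clear the read-only root filesystem finding, as an added example that is not the page's `logging/fluentd-config.yml`. It assumes the file is a Kubernetes manifest for a fluentd pod, which is where trivy's check applies; the image tag and the writable paths are assumptions.

```yaml
# Added example (not the repository's manifest): container-level hardening for a fluentd pod.
# Image tag and writable paths are assumptions for illustration.
containers:
  - name: fluentd
    image: fluent/fluentd:v1.16-1
    securityContext:
      readOnlyRootFilesystem: true      # the finding: root filesystem must be immutable
      runAsNonRoot: true
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
    volumeMounts:
      - name: buffer                    # fluentd still needs somewhere writable for its file buffer
        mountPath: /fluentd/buffer
      - name: tmp
        mountPath: /tmp
volumes:
  - name: buffer
    emptyDir: {}
  - name: tmp
    emptyDir: {}
```

With the root filesystem read-only, every path the process legitimately writes to has to be an explicit mount; a fluentd file buffer that silently falls back to a path under `/` will fail at startup, which is the check that tells you the mount list is complete.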
- rustls-webpki: Denial of service via panic on malformed CRL BIT STRING (trivy; 2 findings): `bit_string_flags()` in `src/der.rs` panics with an index-out-of-bounds when given a BIT STRING whose content is exactly `[0x00]` (one byte: zero padding bits, zero data bytes). This is reachable through the public API `BorrowedCertRevocationList::from_der()` via the…
- WASM3 Improper Input Validation vulnerability (trivy; CVE-2022-39974): WASM3 v0.5.0 was discovered to contain a segmentation fault via the component op_Select_i32_srs in wasm3/source/m3_exec.h.
This report is public.