Podatność CVE-2024-1729
Publikacja: 2024-03-29

Opis:
Th password check condition is vulnerable to timing attack to guess the password

Typ:

CWE-367

 (Time-of-check Time-of-use (TOCTOU) Race Condition)

 Referencje:
https://huntr.com/bounties/f6a10a8d-f538-4cb7-9bb2-85d9f5708124
https://github.com/gradio-app/gradio/commit/e329f1fd38935213fe0e73962e8cbd5d3af6e87b
Copyright 2024, cxsecurity.com

 

Back to Top