{"data":{"id":"47035e6c-75df-4a9b-97d5-d029e83342b0","title":"CVE-2024-10648: A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. Thi","summary":"CVE-2024-10648 is a path traversal vulnerability (a flaw where an attacker manipulates file paths to access unintended files) in Gradio's Audio component that lets attackers control audio file formats and delete file contents, potentially causing a denial of service (a situation where a system becomes unavailable to legitimate users). By changing the output format, an attacker can empty any file on the server.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-10648","publishedAt":"2025-03-20T14:15:18.010Z","cveId":"CVE-2024-10648","cweIds":["CWE-29"],"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["Gradio"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00245,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}