{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2023-34239","title":"Title"},{"category":"description","text":"Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have been addressed in version 3.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2023-34239","url":"https://www.suse.com/security/cve/CVE-2023-34239"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1212123 for CVE-2023-34239","url":"https://bugzilla.suse.com/1212123"}],"title":"SUSE CVE CVE-2023-34239","tracking":{"current_release_date":"2025-02-16T06:17:25Z","generator":{"date":"2023-06-09T02:32:04Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2023-34239","initial_release_date":"2023-06-09T02:32:04Z","revision_history":[{"date":"2023-06-09T02:32:04Z","number":"2","summary":"Current version"},{"date":"2025-01-01T02:03:50Z","number":"3","summary":"Current version"},{"date":"2025-02-14T06:24:16Z","number":"4","summary":"Current version"},{"date":"2025-02-16T06:17:25Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}}}