High severityNVD Advisory· Published Mar 20, 2025· Updated Oct 15, 2025
Denial of Service in gradio-app/gradio
CVE-2024-8966
Description
A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
gradioPyPI | <= 5.22.0 | — |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.