VYPR
High severity · NVD Advisory · Published Mar 20, 2025 · Updated Oct 15, 2025

Denial of Service in gradio-app/gradio

CVE-2024-8966

Description

A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A crafted multipart upload with an oversized boundary string causes Gradio to exhaust resources, leading to prolonged Denial of Service.

Vulnerability

Overview

The file upload mechanism in gradio-app/gradio version @gradio/video@0.10.2 contains a Denial of Service (DoS) vulnerability [2]. The root cause lies in the multipart parsing logic: an attacker can append a large number of characters to the multipart boundary string, forcing the parser to continuously process each character and issue warnings. This unbounded processing consumes excessive CPU time and resources, rendering the application inaccessible for extended periods.

Attack

Vector

An unauthenticated remote attacker can exploit this by sending a crafted HTTP request with a maliciously long multipart boundary to any Gradio instance that accepts file uploads. No special privileges or network position are required [2]. The vulnerability is triggered during the parsing phase, before the uploaded content is validated, making the attack trivial to execute.

Impact

Successful exploitation results in a Denial of Service condition. The Gradio server becomes unresponsive or extremely slow, disrupting all user interactions and machine learning demos served by the application. This can lead to significant downtime and service unavailability [2]. At the time of this writing, no evidence of exploitation in the wild has been reported, but the low complexity of the attack makes it a realistic threat.

Mitigation

The Gradio project addressed the issue by upgrading the python-multipart dependency to a patched version that properly handles oversized boundaries [3]. This fix is included in releases after the commit f1718c47137f9c60240da7afe5e3290aa0f1cb47. Users should update to the latest Gradio version that incorporates this dependency upgrade to remediate the vulnerability. No practical workaround exists for unpatched instances beyond disabling file upload functionality or restricting network access.
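The parser abuse described above (an overlong boundary driving per-character processing) can also be caught before the multipart parser ever sees the body. The following is an added example, not Gradio or python-multipart code: it enforces the RFC 2046 boundary grammar (1 to 70 characters from a fixed alphabet, no trailing space) on the Content-Type header and wraps the check in a pure ASGI middleware with a hypothetical name, as defence in depth alongside the dependency upgrade rather than a replacement for it.

```python
"""Pre-parser multipart boundary guard (constructed example, not Gradio or python-multipart code)."""
import re
from email.message import Message
from typing import Optional

# RFC 2046 section 5.1.1: a boundary is 1..70 "bchars" and must not end with a space.
_BCHARS = re.compile(r"^[A-Za-z0-9'()+_,\-./:=? ]{1,70}$")

def _as_message(content_type: str) -> Message:
    """Wrap a raw Content-Type header value so the stdlib email parser can split its parameters."""
    msg = Message()
    msg["Content-Type"] = content_type
    return msg

def extract_boundary(content_type: str) -> Optional[str]:
    """Return the boundary of a multipart/form-data Content-Type, or None if not multipart / absent."""
    msg = _as_message(content_type)
    if msg.get_content_type() != "multipart/form-data":
        return None
    boundary = msg.get_param("boundary")
    if isinstance(boundary, tuple):  # RFC 2231 encoded form: (charset, language, value)
        boundary = boundary[2]
    return boundary

def boundary_is_acceptable(content_type: str) -> bool:
    """Non-multipart requests pass; multipart requests pass only with a well-formed boundary."""
    if _as_message(content_type).get_content_type() != "multipart/form-data":
        return True
    boundary = extract_boundary(content_type)
    if not boundary:
        return False  # the parser would raise "Missing boundary" anyway; fail fast here
    return bool(_BCHARS.match(boundary)) and not boundary.endswith(" ")

class BoundaryGuardMiddleware:
    """Pure ASGI middleware (hypothetical name): 400 on a bad boundary before any body byte is read."""
    def __init__(self, app):
        self.app = app

    async def __call__(self, scope, receive, send):
        if scope["type"] == "http":
            headers = {k.lower(): v for k, v in scope.get("headers", [])}
            ctype = headers.get(b"content-type", b"").decode("latin-1")
            if not boundary_is_acceptable(ctype):
                await send({"type": "http.response.start", "status": 400,
                            "headers": [(b"content-type", b"text/plain")]})
                await send({"type": "http.response.body", "body": b"invalid multipart boundary"})
                return
        await self.app(scope, receive, send)
```

Because the rejection happens on the header alone, the request body is never streamed into the parser, which is where the per-character work in this CVE occurs.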

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package          Affected versions   Patched versions
gradio (PyPI)    <= 5.22.0

Affected products (3)

Patches (1)
f1718c47137f

build(deps): unpin and upgrade `python-multipart` (#10110)

https://github.com/gradio-app/gradio · Luke Hsiao · Dec 4, 2024 · via ghsa
2 files changed · +3 -3
  • gradio/route_utils.py (+2 -2) modified
    @@ -632,7 +632,7 @@ async def parse(self) -> FormData:
                 raise MultiPartException("Missing boundary in multipart.") from e
     
             # Callbacks dictionary.
    -        callbacks: multipart.multipart.MultipartCallbacks = {
    +        callbacks = {
                 "on_part_begin": self.on_part_begin,
                 "on_part_data": self.on_part_data,
                 "on_part_end": self.on_part_end,
    @@ -644,7 +644,7 @@ async def parse(self) -> FormData:
             }
     
             # Create the parser.
    -        parser = multipart.MultipartParser(boundary, callbacks)
    +        parser = multipart.MultipartParser(boundary, callbacks)  # type: ignore
             try:
                 # Feed the parser with data from the request.
                 async for chunk in self.stream:
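    Review bot: the bare `# type: ignore` on `parser = multipart.MultipartParser(boundary, callbacks)` silences every type error on that line, not only the one caused by the now-untyped `callbacks`; narrow it to an error code such as `# type: ignore[arg-type]` and add a short comment saying why it is needed. Note also that nothing in this file bounds `boundary` itself: the DoS fix lives entirely in the requirements.txt bump, so an install that still resolves an older python-multipart (for example from a stale lockfile) remains exposed even with this code.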
    
  • requirements.txt (+1 -1) modified
    @@ -14,7 +14,7 @@ packaging
     pandas>=1.0,<3.0
     pillow>=8.0,<12.0
     pydantic>=2.0
    -python-multipart==0.0.12 # required for fastapi forms. pinning to avoid yanking issues with micropip.
    +python-multipart>=0.0.18 # required for fastapi forms.
     pydub
     pyyaml>=5.0,<7.0
     ruff>=0.2.2; sys.platform != 'emscripten'
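    Review bot: `python-multipart>=0.0.18` has no upper bound and drops the comment that explained the previous pin ("pinning to avoid yanking issues with micropip"); state whether that micropip concern is resolved, and consider `>=0.0.18,<1` so the dependency cannot float across a future breaking release. Since this line is the actual security fix, any other place that still pins 0.0.12 (lockfiles, the micropip environment the old comment refers to) needs the same bump or the vulnerable parser stays installed.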
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References (4)

News mentions (0)

No linked articles in our index yet.