Vendor CVEs
Gradio App
All CVEs
48 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-0964 | Cri | 0.54 | 9.4 | 0.01 | Feb 5, 2024 | A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request. | ||
| CVE-2022-24770 | Hig | 0.50 | 8.8 | 0.01 | Mar 17, 2022 | `gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output… | ||
| CVE-2023-6572 | Hig | 0.46 | 8.1 | 0.02 | Dec 14, 2023 | Command Injection in GitHub repository gradio-app/gradio prior to main. | ||
| CVE-2021-43831 | Hig | 0.43 | 7.7 | 0.04 | Dec 15, 2021 | Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio… | ||
| CVE-2023-34239 | Hig | 0.41 | 7.3 | 0.01 | Jun 8, 2023 | Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have… | ||
| CVE-2026-48545 | Med | 0.37 | 6.8 | 0.00 | May 27, 2026 | Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can… | ||
| CVE-2023-25823 | Med | 0.35 | 5.4 | 0.01 | Feb 23, 2023 | Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private… | ||
| CVE-2024-12217 | Med | 0.34 | 5.3 | 0.01 | Mar 20, 2025 | A vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The implementation of the blocked_path functionality, which is intended to disallow users from reading certain files, is flawed. Specifically, while the application… | ||
| CVE-2023-51449 | Med | 0.30 | 5.6 | 0.02 | Dec 22, 2023 | Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of `gradio` prior to 4.11.0 contained a vulnerability in the `/file` route which made them… | ||
| CVE-2025-5320 | Low | 0.24 | 3.7 | 0.00 | May 29, 2025 | A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function is_valid_origin of the component CORS Handler. The manipulation of the argument localhost_aliases leads to erweiterte Rechte. It is possible to initiate the… | ||
| CVE-2026-10783 | Low | 0.09 | 2.5 | 0.00 | Jun 4, 2026 | A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is… | ||
| CVE-2024-4940 | 0.01 | — | 0.01 | Jun 22, 2024 | An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting (XSS), Server-Side Request Forgery… | |||
| CVE-2026-28416 | 0.00 | — | 0.00 | Feb 27, 2026 | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a… | |||
| CVE-2026-28415 | 0.00 | — | 0.00 | Feb 27, 2026 | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout… | |||
| CVE-2026-28414 | 0.00 | — | 0.03 | Feb 27, 2026 | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system.… | |||
| CVE-2026-27167 | 0.00 | — | 0.00 | Feb 27, 2026 | Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are… | |||
| CVE-2025-48889 | 0.00 | — | 0.01 | May 30, 2025 | Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Prior to version 5.31.0, an arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated… | |||
| CVE-2024-8021 | 0.00 | — | 0.01 | Mar 20, 2025 | An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited by sending a crafted request to the application, which results in a 302 redirect… | |||
| CVE-2024-10648 | 0.00 | — | 0.01 | Mar 20, 2025 | A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. This vulnerability allows an attacker to control the format of the audio file, leading to arbitrary file content deletion. By manipulating the output format, an… | |||
| CVE-2024-8966 | 0.00 | — | 0.01 | Mar 20, 2025 | A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each… | |||
| CVE-2024-10569 | 0.00 | — | 0.01 | Mar 20, 2025 | A vulnerability in the dataframe component of gradio-app/gradio (version git 98cbcae) allows for a zip bomb attack. The component uses pd.read_csv to process input values, which can accept compressed files. An attacker can exploit this by uploading a maliciously crafted zip… | |||
| CVE-2024-10624 | 0.00 | — | 0.01 | Mar 20, 2025 | A Regular Expression Denial of Service (ReDoS) vulnerability exists in the gradio-app/gradio repository, affecting the gr.Datetime component. The affected version is git commit 98cbcae. The vulnerability arises from the use of a regular expression… | |||
| CVE-2025-0187 | 0.00 | — | 0.01 | Mar 20, 2025 | A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large… | |||
| CVE-2025-23042 | 0.00 | — | 0.01 | Jan 14, 2025 | Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or… | |||
| CVE-2024-51751 | 0.00 | — | 0.01 | Nov 6, 2024 | Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of Gradio application to preview file content, an attacker with access to the application might abuse these components to… | |||
| CVE-2024-47867 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity check** on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from which… | |||
| CVE-2024-47868 | 0.00 | — | 0.01 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This is a **data validation vulnerability** affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting… | |||
| CVE-2024-47869 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **timing attack** in the way Gradio compares hashes for the `analytics_dashboard` function. Since the comparison is not done in constant time, an attacker could exploit this by… | |||
| CVE-2024-47870 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **race condition** in the `update_root_in_config` function, allowing an attacker to modify the `root` URL used by the Gradio frontend to communicate with the backend. By… | |||
| CVE-2024-47871 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **insecure communication** between the FRP (Fast Reverse Proxy) client and server when Gradio's `share=True` option is used. HTTPS is not enforced on the connection, allowing… | |||
| CVE-2024-47872 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **Cross-Site Scripting (XSS)** on any Gradio server that allows file uploads. Authenticated users can upload files such as HTML, JavaScript, or SVG files containing malicious… | |||
| CVE-2024-47084 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to **CORS origin validation**, where the Gradio server fails to validate the request origin when a cookie is present. This allows an attacker’s website to make unauthorized… | |||
| CVE-2024-47164 | 0.00 | — | 0.01 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of directory traversal checks** within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed… | |||
| CVE-2024-47165 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **CORS origin validation accepting a null origin**. When a Gradio server is deployed locally, the `localhost_aliases` variable includes "null" as a valid origin. This allows… | |||
| CVE-2024-47166 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **one-level read path traversal** in the `/custom_component` endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by… | |||
| CVE-2024-47167 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Request Forgery (SSRF)** in the `/queue/join` endpoint. Gradio’s `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP… | |||
| CVE-2024-47168 | 0.00 | — | 0.00 | Oct 10, 2024 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to the enable_monitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user… | |||
| CVE-2024-4325 | 0.00 | — | 0.37 | Jun 6, 2024 | A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a… | |||
| CVE-2024-4941 | 0.00 | — | 0.01 | Jun 6, 2024 | A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as… | |||
| CVE-2024-4254 | 0.00 | — | 0.00 | Jun 4, 2024 | The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main' branch, is vulnerable to secrets exfiltration due to improper authorization. The vulnerability arises from the workflow's explicit checkout and execution of code from a fork, which… | |||
| CVE-2024-4253 | 0.00 | — | 0.02 | Jun 4, 2024 | A command injection vulnerability exists in the gradio-app/gradio repository, specifically within the 'test-functional.yml' workflow. The vulnerability arises due to improper neutralization of special elements used in a command, allowing for unauthorized modification of the base… | |||
| CVE-2024-1561 | 0.00 | — | 0.09 | Apr 16, 2024 | An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block`… | |||
| CVE-2024-1183 | 0.00 | — | 0.02 | Apr 16, 2024 | An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal… | |||
| CVE-2024-1728 | 0.00 | — | 0.85 | Apr 10, 2024 | gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating… | |||
| CVE-2024-1729 | 0.00 | — | 0.01 | Mar 29, 2024 | A timing attack vulnerability exists in the gradio-app/gradio repository, specifically within the login function in routes.py. The vulnerability arises from the use of a direct comparison operation (`app.auth[username] == password`) to validate user credentials, which can be… | |||
| CVE-2024-1540 | 0.00 | — | 0.02 | Mar 27, 2024 | A command injection vulnerability exists in the deploy+test-visual.yml workflow of the gradio-app/gradio repository, due to improper neutralization of special elements used in a command. This vulnerability allows attackers to execute unauthorized commands, potentially leading to… | |||
| CVE-2024-2206 | 0.00 | — | 0.00 | Mar 27, 2024 | An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and… | |||
| CVE-2024-1727 | 0.00 | — | 0.00 | Mar 21, 2024 | A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an… |
- risk 0.54cvss 9.4epss 0.01
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request.
- risk 0.50cvss 8.8epss 0.01
`gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output…
- risk 0.46cvss 8.1epss 0.02
Command Injection in GitHub repository gradio-app/gradio prior to main.
- risk 0.43cvss 7.7epss 0.04
Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio…
- risk 0.41cvss 7.3epss 0.01
Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have…
- risk 0.37cvss 6.8epss 0.00
Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can…
- risk 0.35cvss 5.4epss 0.01
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private…
- risk 0.34cvss 5.3epss 0.01
A vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The implementation of the blocked_path functionality, which is intended to disallow users from reading certain files, is flawed. Specifically, while the application…
- risk 0.30cvss 5.6epss 0.02
Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of `gradio` prior to 4.11.0 contained a vulnerability in the `/file` route which made them…
- risk 0.24cvss 3.7epss 0.00
A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function is_valid_origin of the component CORS Handler. The manipulation of the argument localhost_aliases leads to erweiterte Rechte. It is possible to initiate the…
- risk 0.09cvss 2.5epss 0.00
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is…
- CVE-2024-4940Jun 22, 2024risk 0.01cvss —epss 0.01
An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting (XSS), Server-Side Request Forgery…
- CVE-2026-28416Feb 27, 2026risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a…
- CVE-2026-28415Feb 27, 2026risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout…
- CVE-2026-28414Feb 27, 2026risk 0.00cvss —epss 0.03
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system.…
- CVE-2026-27167Feb 27, 2026risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are…
- CVE-2025-48889May 30, 2025risk 0.00cvss —epss 0.01
Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Prior to version 5.31.0, an arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated…
- CVE-2024-8021Mar 20, 2025risk 0.00cvss —epss 0.01
An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited by sending a crafted request to the application, which results in a 302 redirect…
- CVE-2024-10648Mar 20, 2025risk 0.00cvss —epss 0.01
A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. This vulnerability allows an attacker to control the format of the audio file, leading to arbitrary file content deletion. By manipulating the output format, an…
- CVE-2024-8966Mar 20, 2025risk 0.00cvss —epss 0.01
A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each…
- CVE-2024-10569Mar 20, 2025risk 0.00cvss —epss 0.01
A vulnerability in the dataframe component of gradio-app/gradio (version git 98cbcae) allows for a zip bomb attack. The component uses pd.read_csv to process input values, which can accept compressed files. An attacker can exploit this by uploading a maliciously crafted zip…
- CVE-2024-10624Mar 20, 2025risk 0.00cvss —epss 0.01
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the gradio-app/gradio repository, affecting the gr.Datetime component. The affected version is git commit 98cbcae. The vulnerability arises from the use of a regular expression…
- CVE-2025-0187Mar 20, 2025risk 0.00cvss —epss 0.01
A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large…
- CVE-2025-23042Jan 14, 2025risk 0.00cvss —epss 0.01
Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or…
- CVE-2024-51751Nov 6, 2024risk 0.00cvss —epss 0.01
Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of Gradio application to preview file content, an attacker with access to the application might abuse these components to…
- CVE-2024-47867Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity check** on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from which…
- CVE-2024-47868Oct 10, 2024risk 0.00cvss —epss 0.01
Gradio is an open-source Python package designed for quick prototyping. This is a **data validation vulnerability** affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting…
- CVE-2024-47869Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **timing attack** in the way Gradio compares hashes for the `analytics_dashboard` function. Since the comparison is not done in constant time, an attacker could exploit this by…
- CVE-2024-47870Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **race condition** in the `update_root_in_config` function, allowing an attacker to modify the `root` URL used by the Gradio frontend to communicate with the backend. By…
- CVE-2024-47871Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **insecure communication** between the FRP (Fast Reverse Proxy) client and server when Gradio's `share=True` option is used. HTTPS is not enforced on the connection, allowing…
- CVE-2024-47872Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **Cross-Site Scripting (XSS)** on any Gradio server that allows file uploads. Authenticated users can upload files such as HTML, JavaScript, or SVG files containing malicious…
- CVE-2024-47084Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to **CORS origin validation**, where the Gradio server fails to validate the request origin when a cookie is present. This allows an attacker’s website to make unauthorized…
- CVE-2024-47164Oct 10, 2024risk 0.00cvss —epss 0.01
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of directory traversal checks** within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed…
- CVE-2024-47165Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **CORS origin validation accepting a null origin**. When a Gradio server is deployed locally, the `localhost_aliases` variable includes "null" as a valid origin. This allows…
- CVE-2024-47166Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **one-level read path traversal** in the `/custom_component` endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by…
- CVE-2024-47167Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Request Forgery (SSRF)** in the `/queue/join` endpoint. Gradio’s `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP…
- CVE-2024-47168Oct 10, 2024risk 0.00cvss —epss 0.00
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to the enable_monitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user…
- CVE-2024-4325Jun 6, 2024risk 0.00cvss —epss 0.37
A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a…
- CVE-2024-4941Jun 6, 2024risk 0.00cvss —epss 0.01
A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as…
- CVE-2024-4254Jun 4, 2024risk 0.00cvss —epss 0.00
The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main' branch, is vulnerable to secrets exfiltration due to improper authorization. The vulnerability arises from the workflow's explicit checkout and execution of code from a fork, which…
- CVE-2024-4253Jun 4, 2024risk 0.00cvss —epss 0.02
A command injection vulnerability exists in the gradio-app/gradio repository, specifically within the 'test-functional.yml' workflow. The vulnerability arises due to improper neutralization of special elements used in a command, allowing for unauthorized modification of the base…
- CVE-2024-1561Apr 16, 2024risk 0.00cvss —epss 0.09
An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block`…
- CVE-2024-1183Apr 16, 2024risk 0.00cvss —epss 0.02
An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal…
- CVE-2024-1728Apr 10, 2024risk 0.00cvss —epss 0.85
gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating…
- CVE-2024-1729Mar 29, 2024risk 0.00cvss —epss 0.01
A timing attack vulnerability exists in the gradio-app/gradio repository, specifically within the login function in routes.py. The vulnerability arises from the use of a direct comparison operation (`app.auth[username] == password`) to validate user credentials, which can be…
- CVE-2024-1540Mar 27, 2024risk 0.00cvss —epss 0.02
A command injection vulnerability exists in the deploy+test-visual.yml workflow of the gradio-app/gradio repository, due to improper neutralization of special elements used in a command. This vulnerability allows attackers to execute unauthorized commands, potentially leading to…
- CVE-2024-2206Mar 27, 2024risk 0.00cvss —epss 0.00
An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and…
- CVE-2024-1727Mar 21, 2024risk 0.00cvss —epss 0.00
A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an…