
Gradio-App Gradio vulnerabilities

26 known vulnerabilities affecting gradio-app/gradio.

Total CVEs: 26
CISA KEV: 0
Public exploits: 2
Exploited in wild: 1
Severity breakdown: CRITICAL 4, HIGH 10, MEDIUM 9, LOW 3

Vulnerabilities

Page 1 of 2
CVE-2026-28414 | P1 | HIGH | CVSS 7.5 | Exploited | PoC | fixed in 6.7 | 2026-02-27
CVE-2026-28414 [HIGH] CWE-36: Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Windows with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ changed the definition of `os.path.isabs` so that root-relative
Source: nvd
CVE-2021-43831 | P3 | HIGH | CVSS 7.7 | PoC | fixed in 2.5.0 | 2021-12-15
CVE-2021-43831 [HIGH] CWE-22: Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio link can access any files on the host computer if they know the file names
Source: nvd
CVE-2023-25823 | P3 | CRITICAL | CVSS 9.8 | fixed in 3.13.1 | 2023-02-23
CVE-2023-25823 [CRITICAL] CWE-798: Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private SSH key is sent to any user that connects to the Gradio machine, which m
Source: nvd
CVE-2026-28416 | P3 | HIGH | CVSS 8.6 | fixed in 6.6.0 | 2026-02-27
CVE-2026-28416 [HIGH] CWE-918: Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victim application uses `gr.load()` to load an attacker-controlled Space, the
Source: nvd
CVE-2024-47167 | P3 | CRITICAL | CVSS 9.8 | fixed in 5.0 | 2024-10-10
CVE-2024-47167 [CRITICAL] CWE-918: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to Server-Side Request Forgery (SSRF) in the `/queue/join` endpoint. Gradio's `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target inte
Source: nvd
CVE-2024-47871 | P3 | CRITICAL | CVSS 9.1 | fixed in 5.0.0 | 2024-10-10
CVE-2024-47871 [CRITICAL] CWE-311: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP (Fast Reverse Proxy) client and server when Gradio's `share=True` option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and read files uploaded to the Gradio server, as wel
Source: nvd
CVE-2023-34239 | P3 | CRITICAL | CVSS 9.1 | fixed in 3.34.0 | 2023-06-08
CVE-2023-34239 [CRITICAL] CWE-20: Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict what URLs are proxied. These issues have been addressed in version 3.34.0. Users are advised to upgrade. There are
Source: nvd
CVE-2024-47870 | P3 | HIGH | CVSS 8.1 | fixed in 5.0.0 | 2024-10-10
CVE-2024-47870 [HIGH] CWE-362: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the `update_root_in_config` function, allowing an attacker to modify the `root` URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect user traffic to a malicious server.
Source: nvd
CVE-2022-24770 | P3 | HIGH | CVSS 8.8 | fixed in 2.8.11 | 2022-03-17
CVE-2022-24770 [HIGH] CWE-1236: `gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output data into a CSV file on the developer's computer. This can allow a user to
Source: nvd
CVE-2024-47084 | P3 | HIGH | CVSS 8.3 | fixed in 4.44 | 2024-10-10
CVE-2024-47084 [HIGH] CWE-285: Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to CORS origin validation, where the Gradio server fails to validate the request origin when a cookie is present. This allows an attacker's website to make unauthorized requests to a local Gradio server. Potentially, attackers can upload files, st
Source: nvd
CVE-2024-47868 | P3 | HIGH | CVSS 7.5 | fixed in 5.0 | 2024-10-10
CVE-2024-47868 [HIGH] CWE-200: Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected input constraints. This issue could lead to sensitiv
Source: nvd
CVE-2025-48889 | P3 | HIGH | CVSS 7.5 | fixed in 5.31.0 | 2025-05-30
CVE-2025-48889 [HIGH] CWE-434: Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Prior to version 5.31.0, an arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated attackers to copy any readable file from the server's filesystem. While atta
Source: nvd
CVE-2025-23042 | P3 | HIGH | CVSS 7.5 | fixed in 5.6.0 | 2025-01-14
CVE-2025-23042 [HIGH] CWE-285: Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This vulnerability arises due to the lack of case normaliza
Source: nvd
CVE-2024-47867 | P3 | HIGH | CVSS 7.5 | fixed in 5.0 | 2024-10-10
CVE-2024-47867 [HIGH] CWE-345: Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a lack of integrity check on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from which the FRP client is downloaded, they could modify the binary without detect
Source: nvd
CVE-2024-51751 | P3 | MEDIUM | CVSS 6.5 | affected versions >= 5.0.0, < 5.5.0 | 2024-11-06
CVE-2024-51751 [MEDIUM] CWE-22: Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of Gradio application to preview file content, an attacker with access to the application might abuse these components to read arbitrary files from the application server. This issue has been addr
Source: nvd
CVE-2026-27167 | P3 | MEDIUM | CVSS 5.9 | affected versions >= 4.16.0, < 6.6.0 | 2026-02-27
CVE-2026-27167 [MEDIUM] CWE-522: Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are used. When a user visits `/login/huggingface`, the server retrieves its
Source: nvd
CVE-2026-48545 | P3 | MEDIUM | CVSS 6.8 | fixed in 6.15.0 | 2026-05-27
CVE-2026-48545 [MEDIUM] CWE-384: Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can return a parent-domain cookie that the shared client stores and automati
Source: nvd
CVE-2024-47164 | P3 | MEDIUM | CVSS 6.5 | fixed in 5.0 | 2024-10-10
CVE-2024-47164 [MEDIUM] CWE-22: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the bypass of directory traversal checks within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that manipulate file paths using `..` (parent direct
Source: nvd
CVE-2024-47166 | P4 | MEDIUM | CVSS 5.3 | fixed in 4.44 | 2024-10-10
CVE-2024-47166 [MEDIUM] CWE-22: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the `/custom_component` endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the request. Although the traversal is limited to a si
Source: nvd
CVE-2024-47165 | P4 | MEDIUM | CVSS 5.4 | fixed in 5.0 | 2024-10-10
CVE-2024-47165 [MEDIUM] CWE-285: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to CORS origin validation accepting a null origin. When a Gradio server is deployed locally, the `localhost_aliases` variable includes "null" as a valid origin. This allows attackers to make unauthorized requests from sandboxed iframes or other sou
Source: nvd