Gradio Project Gradio vulnerabilities
52 known vulnerabilities affecting gradio_project/gradio.
Total CVEs: 52
CISA KEV: 0
Public exploits: 9
Exploited in wild: 3
Severity breakdown: CRITICAL 6, HIGH 24, MEDIUM 19, LOW 3
Vulnerabilities
Page 1 of 3
CVE-2024-4325 | P1 | HIGH | CVSS 8.6 | Exploited | PoC | fixed in 4.41.0 | 2024-06-06
CVE-2024-4325 [HIGH] CWE-918
A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This
Sources: GHSA, NVD, OSV
CVE-2026-28414 | P1 | HIGH | CVSS 7.5 | Exploited | PoC | fixed in 6.7.0 | 2026-02-27
CVE-2026-28414 [HIGH] CWE-36
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Windows with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ changed the definition of `os.path.isabs` so that root-relative
Sources: GHSA, NVD, OSV
CVE-2024-1561 | P1 | HIGH | CVSS 7.5 | Exploited | PoC | ≥ 4.12.0, < 4.13.0 | 2024-04-16
CVE-2024-1561 [HIGH] CWE-29
An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary director
Sources: GHSA, NVD, OSV
CVE-2024-1728 | P2 | HIGH | CVSS 7.5 | PoC | ≥ 4.18.0, < 4.19.2 | 2024-04-10
CVE-2024-1728 [HIGH] CWE-22
gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could
Sources: GHSA, NVD, OSV
CVE-2023-51449 | P2 | HIGH | CVSS 7.5 | PoC | fixed in 4.11.0 | 2023-12-22
CVE-2023-51449 [HIGH] CWE-22
Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitrary Python function. Versions of `gradio` prior to 4.11.0 contained a vulnerability in the `/file` route which made them susceptible to file traversal attacks in which an attacker could access arbitrary fi
Sources: GHSA, NVD, OSV
CVE-2021-43831 | P3 | HIGH | CVSS 7.7 | PoC | fixed in 2.5.0 | 2021-12-15
CVE-2021-43831 [HIGH] CWE-22
Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio link can access any files on the host computer if they know the file names
Sources: GHSA, NVD, OSV
CVE-2024-1183 | P3 | MEDIUM | CVSS 6.5 | PoC | ≥ 3.41.0, < 4.11.0 | 2024-04-16
CVE-2024-1183 [MEDIUM] CWE-601
An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the presence of a 'Location' header or a 'File not allowed' e
Sources: GHSA, NVD, OSV
CVE-2023-25823 | P3 | CRITICAL | CVSS 9.8 | fixed in 3.13.1 | 2023-02-23
CVE-2023-25823 [CRITICAL] CWE-798
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private SSH key is sent to any user that connects to the Gradio machine, which m
Sources: GHSA, NVD, OSV
CVE-2024-4253 | P3 | CRITICAL | CVSS 9.1 | fixed in 4.29.0 | 2024-06-04
CVE-2024-4253 [CRITICAL] CWE-78
A command injection vulnerability exists in the gradio-app/gradio repository, specifically within the 'test-functional.yml' workflow. The vulnerability arises due to improper neutralization of special elements used in a command, allowing for unauthorized modification of the base repository or secrets exfiltration. The issue affects versions up to and
Sources: NVD
CVE-2024-4940 | P3 | MEDIUM | CVSS 6.1 | PoC | v4.36.0 | 2024-06-22
CVE-2024-4940 [MEDIUM] CWE-601
An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting (XSS), Server-Side Request Forgery (SSRF), amongst others. This issue is due to improper validation of user-supplie
Sources: GHSA, NVD, OSV
CVE-2026-28416 | P3 | HIGH | CVSS 8.6 | fixed in 6.6.0 | 2026-02-27
CVE-2026-28416 [HIGH] CWE-918
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victim application uses `gr.load()` to load an attacker-controlled Space, the
Sources: GHSA, NVD, OSV
CVE-2024-47167 | P3 | CRITICAL | CVSS 9.8 | fixed in 5.0.0 | 2024-10-10
CVE-2024-47167 [CRITICAL] CWE-918
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to Server-Side Request Forgery (SSRF) in the `/queue/join` endpoint. Gradio's `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target inte
Sources: GHSA, NVD, OSV
CVE-2024-8021 | P3 | MEDIUM | PoC | ≥ 0, ≤ 4.37.2 | 2025-03-20
CVE-2024-8021 [MEDIUM] CWE-601: Gradio Vulnerable to Open Redirect
An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited by sending a crafted request to the application, which results in a 302 redirect to an attacker-controlled site.
Sources: GHSA, OSV
CVE-2024-47871 | P3 | CRITICAL | CVSS 9.1 | fixed in 5.0.0 | 2024-10-10
CVE-2024-47871 [CRITICAL] CWE-311
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP (Fast Reverse Proxy) client and server when Gradio's `share=True` option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and read files uploaded to the Gradio server, as wel
Sources: GHSA, NVD, OSV
CVE-2024-39236 | P3 | CRITICAL | CVSS 9.8 | v4.36.1 | 2024-07-01
CVE-2024-39236 [CRITICAL] CWE-94
Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes this because the report is about a user attacking himself.
Sources: NVD
CVE-2023-34239 | P3 | CRITICAL | CVSS 9.1 | fixed in 3.34.0 | 2023-06-08
CVE-2023-34239 [CRITICAL] CWE-20
Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict what URLs are proxied. These issues have been addressed in version 3.34.0. Users are advised to upgrade. There are
Sources: GHSA, NVD, OSV
CVE-2024-1540 | P3 | HIGH | CVSS 8.2 | fixed in 2024-02-09 | 2024-03-27
CVE-2024-1540 [HIGH] CWE-77
A command injection vulnerability exists in the deploy+test-visual.yml workflow of the gradio-app/gradio repository, due to improper neutralization of special elements used in a command. This vulnerability allows attackers to execute unauthorized commands, potentially leading to unauthorized modification of the base repository or secrets exfiltration. Th
Sources: GHSA, NVD
CVE-2023-6572 | P3 | HIGH | CVSS 8.1 | fixed in 4.14.0 | 2023-12-14
CVE-2023-6572 [HIGH] CWE-77
Command Injection in GitHub repository gradio-app/gradio prior to main.
Sources: GHSA, NVD, OSV
CVE-2024-47870 | P3 | HIGH | CVSS 8.1 | fixed in 5.0.0 | 2024-10-10
CVE-2024-47870 [HIGH] CWE-362
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the `update_root_in_config` function, allowing an attacker to modify the `root` URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect user traffic to a malicious server.
Sources: GHSA, NVD, OSV
CVE-2024-0964 | P3 | HIGH | ≥ 0, < 4.9.0 | 2024-02-06
CVE-2024-0964 [HIGH] CWE-22: Gradio Path Traversal vulnerability
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request.
Sources: GHSA, OSV