Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

gradio-app/gradio — Vulnerabilities & Security Advisories 21

All 21 CVE vulnerabilities found in gradio-app/gradio, with AI-generated Chinese analysis, references, and POCs.

This page aggregates security weaknesses associated with the gradio-app/gradio software product, focusing on common vulnerability classifications. It serves as a centralized resource for understanding the security posture of this popular Python library for building machine learning web applications. The collection encompasses a wide spectrum of vulnerability types, including cross-site scripting (XSS), broken access control, and insufficient security controls that have been disclosed for this specific software. The data covers historical and recent entries, allowing users to explore trends over time as new threats emerge and patches are released. By organizing these findings under a unified framework, the page provides clarity on how different attack vectors relate to the gradio-app/gradio codebase and its dependencies. Visitors can use this resource to track vendor advisories and see how the maintainers respond to reported issues. It enables developers and security auditors to understand the prevalence of specific weakness classes within this ecosystem, facilitating more informed risk assessments. Furthermore, users can look up a product's vulnerability history to identify recurring patterns or critical areas requiring immediate attention. This holistic view supports better decision-making for integration, deployment, and mitigation strategies, ensuring that teams are aware of known flaws and can implement appropriate safeguards against potential exploitation.

Vendor: gradio-app

CVE IDTitleCVSSSeverityPublished
CVE-2024-8021 Open Redirect in gradio-app/gradio CWE-601 6.1 -2025-03-20
CVE-2024-10648 Path Traversal in gradio-app/gradio CWE-29 9.1 -2025-03-20
CVE-2024-12217 Path Traversal in gradio-app/gradio CWE-22 3.3 -2025-03-20
CVE-2024-8966 Denial of Service in gradio-app/gradio CWE-770 7.5 -2025-03-20
CVE-2024-10569 Zip Bomb Vulnerability in gradio-app/gradio CWE-475 7.5 -2025-03-20
CVE-2024-10624 Regular Expression Denial of Service (ReDoS) in gradio-app/gradio CWE-1333 7.5 -2025-03-20
CVE-2025-0187 Denial of Service (DoS) by Sending Large Filename at File Upload Endpoint in gradio-app/gradio CWE-400 7.5 -2025-03-20
CVE-2024-4940 Open Redirect in gradio-app/gradio CWE-601 6.1 -2024-06-22
CVE-2024-4325 Server-Side Request Forgery (SSRF) in gradio-app/gradio CWE-918 7.5AIHighAI2024-06-06
CVE-2024-4941 Local File Inclusion in JSON component in gradio-app/gradio CWE-22 7.5AIHighAI2024-06-06
CVE-2024-4254 Secrets Exfiltration in gradio-app/gradio CWE-214 6.5AIMediumAI2024-06-04
CVE-2024-4253 Command Injection in gradio-app/gradio CWE-78 9.8AICriticalAI2024-06-04
CVE-2024-1561 Arbitrary Local File Read via Component Method Invocation in gradio-app/gradio CWE-29 7.5 -2024-04-16
CVE-2024-1183 SSRF Vulnerability in gradio-app/gradio CWE-601 5.3 -2024-04-16
CVE-2024-1728 Local File Inclusion in gradio-app/gradio CWE-22 9.8AICriticalAI2024-04-10
CVE-2024-1729 Timing Attack Vulnerability in gradio-app/gradio CWE-367 5.9AIMediumAI2024-03-29
CVE-2024-1540 Command Injection in gradio-app/gradio via deploy+test-visual.yml workflow CWE-77 7.5 -2024-03-27
CVE-2024-2206 SSRF Vulnerability in gradio-app/gradio CWE-918 7.1 -2024-03-27
CVE-2024-1727 CSRF Vulnerability in gradio-app/gradio CWE-352 7.1 -2024-03-21
CVE-2024-0964 LFI in Gradio CWE-22 9.8 -2024-02-05
CVE-2023-6572 Command Injection in gradio-app/gradio CWE-77 7.5AIHighAI2023-12-14

All 21 known CVE vulnerabilities affecting gradio-app/gradio with full Chinese analysis, references, and POCs where available.