
CVSS: 8.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 Jan 2025 — Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This vulnerability arises due to the lack of case normalization in the file path validation logic. On case-insensitive file systems, such as those used by Windows and macOS, this flaw enables attackers to circumvent s... • https://github.com/gradio-app/gradio/security/advisories/GHSA-j2jg-fq62-7c3h • CWE-285: Improper Authorization

CVSS: 6.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

06 Nov 2024 — Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of a Gradio application to preview file content, an attacker with access to the application might abuse these components to read arbitrary files from the application server. This issue has been addressed in release version 5.5.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/gradio-app/gradio/security/advisories/GHSA-rhm9-gp5p-5248 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 9.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity check** on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from which the FRP client is downloaded, they could modify the binary without detection, as the Gradio server does not verify the file's checksum or signature. Any users utilizing the Gradio server's sharing mechanism that downloads the FRP cl... • https://github.com/gradio-app/gradio/security/advisories/GHSA-8c87-gvhj-xm8m • CWE-345: Insufficient Verification of Data Authenticity

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This is a **data validation vulnerability** affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected input constraints. This issue could lead to sensitive files being exposed to unauthorized users, especially when combined with other vulnerabilities, such as issue TOB-GRADIO-15. The components most at risk are... • https://github.com/gradio-app/gradio/security/advisories/GHSA-4q3c-cj7g-jcwf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 3.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **timing attack** in the way Gradio compares hashes for the `analytics_dashboard` function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response time of different requests to infer the correct hash byte-by-byte. This can lead to unauthorized access to the analytics dashboard, especially if the attacker can repeatedly query the system with different keys... • https://github.com/gradio-app/gradio/security/advisories/GHSA-j757-pf57-f8r4 • CWE-203: Observable Discrepancy

CVSS: 8.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **race condition** in the `update_root_in_config` function, allowing an attacker to modify the `root` URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect user traffic to a malicious server. This could lead to the interception of sensitive data such as authentication credentials or uploaded files. This impacts all users who connect to a Gradio se... • https://github.com/gradio-app/gradio/security/advisories/GHSA-xh2x-3mrm-fwqm • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSS: 9.4 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **insecure communication** between the FRP (Fast Reverse Proxy) client and server when Gradio's `share=True` option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and read files uploaded to the Gradio server, as well as modify responses or data sent between the client and server. This impacts users who are sharing Gradio demos publicly over the internet using `share=True` wi... • https://github.com/gradio-app/gradio/security/advisories/GHSA-279j-x4gx-hfrh • CWE-311: Missing Encryption of Sensitive Data

CVSS: 6.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **Cross-Site Scripting (XSS)** on any Gradio server that allows file uploads. Authenticated users can upload files such as HTML, JavaScript, or SVG files containing malicious scripts. When other users download or view these files, the scripts will execute in their browser, allowing attackers to perform unauthorized actions or steal sensitive information from their sessions. This impacts any Gradio server that... • https://github.com/gradio-app/gradio/security/advisories/GHSA-gvv6-33j7-884g • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to **CORS origin validation**, where the Gradio server fails to validate the request origin when a cookie is present. This allows an attacker's website to make unauthorized requests to a local Gradio server. Potentially, attackers can upload files, steal authentication tokens, and access user data if the victim visits a malicious website while logged into Gradio. This impacts users who have deployed Gradio ... • https://github.com/gradio-app/gradio/security/advisories/GHSA-3c67-5hwx-f6wx • CWE-285: Improper Authorization

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2024 — Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of directory traversal checks** within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that manipulate file paths using `..` (parent directory) sequences. Attackers could potentially access restricted files if they are able to exploit this flaw, although the difficulty is high. This primarily impac... • https://github.com/gradio-app/gradio/security/advisories/GHSA-77xq-6g77-h274 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')