Gradio Project Security Vulnerabilities (CVEs)
Track 19 security vulnerabilities affecting Gradio Project products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A Denial of Service vulnerability in gradio-app/gradio version 0.39.1 allows attackers to crash servers by uploading files with excessively long filen...
Mar 20, 2025

An open redirect vulnerability in gradio-app/gradio allows attackers to redirect users to malicious websites using URL encoding. This affects all user...
Mar 20, 2025

This vulnerability allows attackers to bypass Gradio's file access controls by changing the letter case of blocked file paths on case-insensitive file...
Jan 14, 2025

This vulnerability in Gradio allows attackers with access to the application to read arbitrary files from the server when using File or UploadButton c...
Nov 6, 2024

A race condition in Gradio's update_root_in_config function allows attackers to redirect frontend-backend communication to malicious servers. This cou...
Oct 10, 2024

This vulnerability allows attackers to intercept and read files uploaded to Gradio servers when using the share=True option, as HTTPS is not enforced....
Oct 10, 2024

This vulnerability allows attackers to replace the FRP client binary with malicious code during download, as Gradio lacks integrity verification. User...
Oct 10, 2024

This Server-Side Request Forgery (SSRF) vulnerability in Gradio allows attackers to force the server to make HTTP requests to arbitrary URLs, potentia...
Oct 10, 2024

This CVE allows malicious websites to bypass CORS origin validation in Gradio servers when cookies are present, enabling unauthorized requests to loca...
Oct 10, 2024

This CVE allows attackers to make unauthorized requests to locally deployed Gradio servers from sandboxed iframes or other sources with a null origin....
Oct 10, 2024

A Server-Side Request Forgery (SSRF) vulnerability in gradio-app/gradio version 4.21.0 allows attackers to make unauthorized HTTP requests from the vu...
Jun 6, 2024

This CVE describes a local file inclusion vulnerability in gradio-app/gradio version 4.25. Attackers can exploit improper JSON parsing in the postproc...
Jun 6, 2024

This CVE describes a GitHub Actions workflow vulnerability in the gradio repository that allows attackers to exfiltrate sensitive secrets. The workf...
Jun 4, 2024

Gradio versions before 4.20 on Windows systems may leak credentials stored in environment variables or configuration files. This affects any Windows u...
May 5, 2024

This vulnerability in gradio allows attackers to read any file on the filesystem by exploiting the /component_server endpoint. It affects gradio appli...
Apr 16, 2024

A command injection vulnerability in the gradio-app/gradio repository's GitHub Actions workflow allows attackers to execute arbitrary commands by mani...
Mar 27, 2024

CVE-2024-0964 is a critical local file inclusion vulnerability in Gradio that allows remote attackers to read arbitrary files on the server by exploit...
Feb 5, 2024

This CVE describes a command injection vulnerability in the Gradio library that allows attackers to execute arbitrary commands on the host system. It ...
Dec 14, 2023

CVE-2023-34239 is a vulnerability in the Gradio Python library that allows attackers to access arbitrary files on the server and proxy requests to una...
Jun 8, 2023

Why Monitor Gradio Project Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 19+ known vulnerabilities affecting Gradio Project products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Gradio Project packages in under 60 seconds. No agents required - completely agentless scanning that works across Gradio Project deployments.
Free vulnerability database: Access detailed information about every Gradio Project CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Gradio Project CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions