Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/43806?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/43806?format=api", "purl": "pkg:pypi/gradio@5.0.1", "type": "pypi", "namespace": "", "name": "gradio", "version": "5.0.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.7.0", "latest_non_vulnerable_version": "6.7.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36926?format=api", "vulnerability_id": "VCID-3cr8-jcqv-pkc6", "summary": "Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of Gradio application to preview file content, an attacker with access to the application might abuse these components to read arbitrary files from the application server. This issue has been addressed in release version 5.5.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://github.com/gradio-app/gradio", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio" }, { "reference_url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-rhm9-gp5p-5248", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-rhm9-gp5p-5248" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51751", "reference_id": "CVE-2024-51751", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51751" }, { "reference_url": "https://github.com/advisories/GHSA-rhm9-gp5p-5248", "reference_id": "GHSA-rhm9-gp5p-5248", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rhm9-gp5p-5248" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/43811?format=api", "purl": "pkg:pypi/gradio@5.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-aajd-8tqx-c3bn" }, { "vulnerability": "VCID-bmqt-uegd-hyap" }, { "vulnerability": "VCID-dsw8-wy3z-53hm" }, { "vulnerability": "VCID-j1w9-nvdf-nfbr" }, { "vulnerability": "VCID-vaq5-ccvf-kyg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@5.5.0" } ], "aliases": [ "CVE-2024-51751", "GHSA-rhm9-gp5p-5248", "PYSEC-2024-275" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3cr8-jcqv-pkc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36959?format=api", "vulnerability_id": "VCID-aajd-8tqx-c3bn", "summary": "Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This vulnerability arises due to the lack of case normalization in the file path validation logic. On case-insensitive file systems, such as those used by Windows and macOS, this flaw enables attackers to circumvent security restrictions and access sensitive files that should be protected. This issue can lead to unauthorized data access, exposing sensitive information and undermining the integrity of Gradio's security model. Given Gradio's popularity for building web applications, particularly in machine learning and AI, this vulnerability may pose a substantial threat if exploited in production environments. This issue has been addressed in release version 5.6.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://github.com/gradio-app/gradio", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio" }, { "reference_url": "https://github.com/gradio-app/gradio/commit/6b63fdec441b5c9bf910f910a2505d8defbb6bf8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/commit/6b63fdec441b5c9bf910f910a2505d8defbb6bf8" }, { "reference_url": "https://github.com/gradio-app/gradio/releases/tag/gradio%405.11.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/releases/tag/gradio%405.11.0" }, { "reference_url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-j2jg-fq62-7c3h", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-j2jg-fq62-7c3h" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23042", "reference_id": "CVE-2025-23042", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23042" }, { "reference_url": "https://github.com/advisories/GHSA-j2jg-fq62-7c3h", "reference_id": "GHSA-j2jg-fq62-7c3h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j2jg-fq62-7c3h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/44335?format=api", "purl": "pkg:pypi/gradio@5.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bmqt-uegd-hyap" }, { "vulnerability": "VCID-dsw8-wy3z-53hm" }, { "vulnerability": "VCID-j1w9-nvdf-nfbr" }, { "vulnerability": "VCID-vaq5-ccvf-kyg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@5.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48234?format=api", "purl": "pkg:pypi/gradio@5.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bmqt-uegd-hyap" }, { "vulnerability": "VCID-dsw8-wy3z-53hm" }, { "vulnerability": "VCID-j1w9-nvdf-nfbr" }, { "vulnerability": "VCID-vaq5-ccvf-kyg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@5.11.0" } ], "aliases": [ "CVE-2025-23042", "GHSA-j2jg-fq62-7c3h", "PYSEC-2025-118" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aajd-8tqx-c3bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37222?format=api", "vulnerability_id": "VCID-bmqt-uegd-hyap", "summary": "Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victim application uses `gr.load()` to load an attacker-controlled Space, the malicious `proxy_url` from the config is trusted and added to the allowlist, enabling the attacker to access internal services, cloud metadata endpoints, and private networks through the victim's infrastructure. Version 6.6.0 fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28416.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28416.json" }, { "reference_url": "https://github.com/gradio-app/gradio", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio" }, { "reference_url": "https://github.com/gradio-app/gradio/commit/fc7c01ea1e581ef70be98fddf003b0c91315c7cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/commit/fc7c01ea1e581ef70be98fddf003b0c91315c7cc" }, { "reference_url": "https://github.com/gradio-app/gradio/releases/tag/gradio%406.6.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/releases/tag/gradio%406.6.0" }, { "reference_url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-jmh7-g254-2cq9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-jmh7-g254-2cq9" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443453", "reference_id": "2443453", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443453" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28416", "reference_id": "CVE-2026-28416", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28416" }, { "reference_url": "https://github.com/advisories/GHSA-jmh7-g254-2cq9", "reference_id": "GHSA-jmh7-g254-2cq9", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-jmh7-g254-2cq9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48309?format=api", "purl": "pkg:pypi/gradio@6.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dsw8-wy3z-53hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@6.6.0" } ], "aliases": [ "CVE-2026-28416", "GHSA-jmh7-g254-2cq9", "PYSEC-2026-66" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bmqt-uegd-hyap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37220?format=api", "vulnerability_id": "VCID-dsw8-wy3z-53hm", "summary": "Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ changed the definition of `os.path.isabs` so that root-relative paths like `/windows/win.ini` on Windows are no longer considered absolute paths, resulting in a vulnerability in Gradio's logic for joining paths safely. This can be exploited by unauthenticated attackers to read arbitrary files from the Gradio server, even when Gradio is set up with authentication. Version 6.7 fixes the issue.", "references": [ { "reference_url": "https://github.com/gradio-app/gradio", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio" }, { "reference_url": "https://github.com/gradio-app/gradio/commit/6011b00d0154b85532fa901dd73cf8fa7d86fd04", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/commit/6011b00d0154b85532fa901dd73cf8fa7d86fd04" }, { "reference_url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-39mp-8hj3-5c49", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-39mp-8hj3-5c49" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28414", "reference_id": "CVE-2026-28414", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28414" }, { "reference_url": "https://github.com/advisories/GHSA-39mp-8hj3-5c49", "reference_id": "GHSA-39mp-8hj3-5c49", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-39mp-8hj3-5c49" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48310?format=api", "purl": "pkg:pypi/gradio@6.7.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@6.7.0" } ], "aliases": [ "CVE-2026-28414", "GHSA-39mp-8hj3-5c49", "PYSEC-2026-64" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsw8-wy3z-53hm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37221?format=api", "vulnerability_id": "VCID-j1w9-nvdf-nfbr", "summary": "Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28415.json" }, { "reference_url": "https://github.com/gradio-app/gradio", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio" }, { "reference_url": "https://github.com/gradio-app/gradio/commit/dfee0da06d0aa94b3c2684131e7898d5d5c1911e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/commit/dfee0da06d0aa94b3c2684131e7898d5d5c1911e" }, { "reference_url": "https://github.com/gradio-app/gradio/releases/tag/gradio%406.6.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/releases/tag/gradio%406.6.0" }, { "reference_url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443449", "reference_id": "2443449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443449" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28415", "reference_id": "CVE-2026-28415", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28415" }, { "reference_url": "https://github.com/advisories/GHSA-pfjf-5gxr-995x", "reference_id": "GHSA-pfjf-5gxr-995x", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pfjf-5gxr-995x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48309?format=api", "purl": "pkg:pypi/gradio@6.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dsw8-wy3z-53hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@6.6.0" } ], "aliases": [ "CVE-2026-28415", "GHSA-pfjf-5gxr-995x", "PYSEC-2026-65" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1w9-nvdf-nfbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56872?format=api", "vulnerability_id": "VCID-uvd9-43p8-suhm", "summary": "Gradio Path Traversal vulnerability\nA vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The implementation of the blocked_path functionality, which is intended to disallow users from reading certain files, is flawed. Specifically, while the application correctly blocks access to paths like 'C:/tmp/secret.txt', it fails to block access when using NTFS Alternate Data Streams (ADS) syntax, such as 'C:/tmp/secret.txt::$DATA'. This flaw can lead to unauthorized reading of blocked file paths.", "references": [ { "reference_url": "https://github.com/gradio-app/gradio", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio" }, { "reference_url": "https://github.com/gradio-app/gradio/blob/67e4044c9ca8358eceeb1fa72fa415df03397d20/gradio/utils.py#L1061-L1074", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/blob/67e4044c9ca8358eceeb1fa72fa415df03397d20/gradio/utils.py#L1061-L1074" }, { "reference_url": "https://huntr.com/bounties/0439bf3d-cb38-43a5-8314-0fadf85cc5a0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.com/bounties/0439bf3d-cb38-43a5-8314-0fadf85cc5a0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12217", "reference_id": "CVE-2024-12217", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12217" }, { "reference_url": "https://github.com/advisories/GHSA-prpg-p95c-32fv", "reference_id": "GHSA-prpg-p95c-32fv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-prpg-p95c-32fv" } ], "fixed_packages": [], "aliases": [ "CVE-2024-12217", "GHSA-prpg-p95c-32fv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uvd9-43p8-suhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37219?format=api", "vulnerability_id": "VCID-vaq5-ccvf-kyg6", "summary": "Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable \"mocked\" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are used. When a user visits `/login/huggingface`, the server retrieves its own Hugging Face access token via `huggingface_hub.get_token()` and stores it in the visitor's session cookie. If the application is network-accessible, any remote attacker can trigger this flow to steal the server owner's HF token. The session cookie is signed with a hardcoded secret derived from the string `\"-v4\"`, making the payload trivially decodable. Version 6.6.0 fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27167.json" }, { "reference_url": "https://github.com/gradio-app/gradio", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio" }, { "reference_url": "https://github.com/gradio-app/gradio/commit/dfee0da06d0aa94b3c2684131e7898d5d5c1911e", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/commit/dfee0da06d0aa94b3c2684131e7898d5d5c1911e" }, { "reference_url": "https://github.com/gradio-app/gradio/releases/tag/gradio@6.6.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/releases/tag/gradio@6.6.0" }, { "reference_url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-h3h8-3v2v-rg7m", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-h3h8-3v2v-rg7m" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443454", "reference_id": "2443454", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443454" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27167", "reference_id": "CVE-2026-27167", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27167" }, { "reference_url": "https://github.com/advisories/GHSA-h3h8-3v2v-rg7m", "reference_id": "GHSA-h3h8-3v2v-rg7m", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-h3h8-3v2v-rg7m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48309?format=api", "purl": "pkg:pypi/gradio@6.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dsw8-wy3z-53hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@6.6.0" } ], "aliases": [ "CVE-2026-27167", "GHSA-h3h8-3v2v-rg7m", "PYSEC-2026-63" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vaq5-ccvf-kyg6" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/gradio@5.0.1" }