CVE-2024-8021

Medium CVSS: 6.1

An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited by sending a crafted request to the application, which results in a 302 redirect to an attacker-controlled site.

Vendor

Gradio Project

Product

Gradio

CWE

CWE-601

Yayın Tarihi

2025-03-20 10:15:39

Güncelleme

2025-03-26 16:39:28

Source Identifier

security@huntr.dev

KEV Date Added

Kategoriler

CWE-601 Gradio MEDIUM Gradio Project 2025

Referanslar

https://huntr.com/bounties/adc23067-ec04-47ef-9265-afd452071888 https://huntr.com/bounties/adc23067-ec04-47ef-9265-afd452071888

Benzer Kayıtlar

High

CVE-2026-28414

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Win…

Medium

CVE-2026-28415

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target(…

High

CVE-2026-28416

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Fo…

Unknown

CVE-2026-27167

Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version…

Medium

CVE-2025-48889

Gradio is an open-source Python package that allows quick building of demos and web application for machine learning mod…

High

CVE-2025-0187

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. T…