CVE-2024-8966 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append…
High CVSS: 7.5

CVE-2024-8966

A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.
Vendor
Gradio
Product
Video
CWE
CWE-770
Yayın Tarihi
2025-03-20 10:15:45
Güncelleme
2025-10-15 13:15:56
Source Identifier
security@huntr.dev
KEV Date Added
-

Kategoriler

CWE-770 Video HIGH Gradio 2025

Referanslar

https://github.com/gradio-app/gradio/commit/f1718c47137f9c60240da7afe5e3290aa0f1cb47 https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2 https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2