CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-8966

A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.9%

CVSS Severity

CVSS v3 Score 7.5

References

https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2
https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2

Products affected by CVE-2024-8966

Gradio » Video » Version: 0.10.2

cpe:2.3:a:gradio:video:0.10.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8966

Products

Pricing

Contact Us