{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T18:29:06.512","vulnerabilities":[{"cve":{"id":"CVE-2024-4941","sourceIdentifier":"security@huntr.dev","published":"2024-06-06T18:15:18.783","lastModified":"2025-10-15T13:15:45.403","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as JSON. If the parsed JSON object contains a `path` key, the specified file is moved to a temporary directory, making it possible to retrieve it later via the `/file=..` endpoint. This issue is due to the `processing_utils.move_files_to_cache()` function traversing any object passed to it, looking for a dictionary with a `path` key, and then copying the specified file to a temporary directory. The vulnerability can be exploited by an attacker to read files on the remote system, posing a significant security risk."},{"lang":"es","value":"Existe una vulnerabilidad de inclusión de archivos locales en el componente JSON de gradio-app/gradio versión 4.25. La vulnerabilidad surge de una validación de entrada incorrecta en la función `postprocess()` dentro de `gradio/components/json_component.py`, donde una cadena controlada por el usuario se analiza como JSON. Si el objeto JSON analizado contiene una clave `ruta`, el archivo especificado se mueve a un directorio temporal, lo que permite recuperarlo más tarde a través del endpoint `/file=..`. Este problema se debe a que la función `processing_utils.move_files_to_cache()` atraviesa cualquier objeto que se le pasa, busca un diccionario con una clave `path` y luego copia el archivo especificado en un directorio temporal. Un atacante puede aprovechar la vulnerabilidad para leer archivos en el sistema remoto, lo que representa un riesgo de seguridad significativo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*","versionEndExcluding":"4.31.4","matchCriteriaId":"6D1B27C4-B978-4ABC-A9AB-6A894C31AFDB"}]}]}],"references":[{"url":"https://github.com/gradio-app/gradio/commit/ee1e2942e0a1ae84a08a05464e41c8108a03fa9c","source":"security@huntr.dev","tags":["Patch"]},{"url":"https://huntr.com/bounties/39889ce1-298d-4568-aecd-7ae40c2ca58e","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/gradio-app/gradio/commit/ee1e2942e0a1ae84a08a05464e41c8108a03fa9c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://huntr.com/bounties/39889ce1-298d-4568-aecd-7ae40c2ca58e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}