{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T02:18:50.974","vulnerabilities":[{"cve":{"id":"CVE-2024-8966","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:45.340","lastModified":"2025-10-15T13:15:56.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime."},{"lang":"es","value":"Una vulnerabilidad en el proceso de carga de archivos de gradio-app/gradio versión @gradio/video@0.10.2 permite un ataque de denegación de servicio (DoS). Un atacante puede añadir una gran cantidad de caracteres al final de un límite multiparte, lo que provoca que el sistema procese continuamente cada carácter y emita advertencias. Esto puede dejar a Gradio inaccesible durante periodos prolongados, interrumpiendo los servicios y provocando un tiempo de inactividad significativo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gradio:video:0.10.2:*:*:*:*:gradio:*:*","matchCriteriaId":"A1A0C389-21D5-42BC-9E24-9B1BD2614543"}]}]}],"references":[{"url":"https://github.com/gradio-app/gradio/commit/f1718c47137f9c60240da7afe5e3290aa0f1cb47","source":"security@huntr.dev"},{"url":"https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2","source":"security@huntr.dev","tags":["Exploit"]},{"url":"https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit"]}]}}]}