Cyber Resilience

CVE-2024-8966

High | Public PoC | DDoS

Published: 20 March 2025

Modified: 15 October 2025
KEV Added: not listed
Patch: available
CVSS v3.1 score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS score: 0.0029 (52.8th percentile)
Risk priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-8966 is a high-severity Allocation of Resources Without Limits or Throttling (CWE-770) vulnerability in Gradio Video. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 47.2% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is AI-related: it is categorised under Machine Learning Libraries, in the Other ATLAS/OWASP Terms risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2024-8966 is a vulnerability in the file upload process of the Gradio library from gradio-app/gradio, specifically affecting the @gradio/video@0.10.2 component. It enables a Denial of Service (DoS) attack by allowing an attacker to append a large number of characters to the end of a multipart boundary in an upload request. This forces the system to continuously process each character while issuing warnings, which can render the Gradio application inaccessible for extended periods and cause significant service disruption.

The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), meaning it is exploitable remotely over the network with low attack complexity, no required privileges or user interaction, and results in high availability impact but no effects on confidentiality or integrity. Unauthenticated attackers who can reach a vulnerable Gradio instance's file upload endpoint are able to trigger the condition, leading to prolonged downtime and resource exhaustion classified under CWE-770.

Advisories reference a patch in the Gradio repository at https://github.com/gradio-app/gradio/commit/f1718c47137f9c60240da7afe5e3290aa0f1cb47, which addresses the issue. The vulnerability was disclosed via a Huntr bounty report at https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2. Practitioners should update to patched versions of Gradio to mitigate exposure.

EU & UK References

Vulnerability details

A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.

CWE(s)

AI Security Analysis

AI Category: Machine Learning Libraries
Risk Domain: Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: gradio

Related Threats

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The vulnerability directly enables remote exploitation of the Gradio file upload endpoint via a crafted multipart request, causing excessive character processing and resource exhaustion that denies service availability.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2021-47877 (shared CWE-770)
CVE-2026-3260 (shared CWE-770)
CVE-2025-66560 (shared CWE-770)
CVE-2025-68136 (shared CWE-770)
CVE-2020-37038 (shared CWE-770)
CVE-2025-36070 (shared CWE-770)
CVE-2021-47791 (shared CWE-770)
CVE-2021-47876 (shared CWE-770)
CVE-2019-25342 (shared CWE-770)
CVE-2026-44004 (shared CWE-770)

Affected Assets

gradio / video / 0.10.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

Prevent (vendor patch): Directly remediates the Gradio file upload DoS vulnerability by applying the vendor patch referenced in the advisory.

Prevent (SC-5, Denial-of-service Protection): Provides denial-of-service protections like rate limiting and resource quotas to block resource exhaustion from oversized multipart boundaries.

Prevent (SI-10, Information Input Validation): Validates multipart file upload inputs to reject malformed boundaries with excessive characters before processing.
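As an added example of the input-validation control above (this is not Gradio's code and not the referenced patch), a pre-parse check a defender can place in front of a multipart upload endpoint: it enforces RFC 2046's 70-character limit and character set on the boundary parameter before any body bytes reach the multipart parser. The function names and the sample headers are constructed for illustration.

```python
import re
from typing import Optional, Tuple

# RFC 2046 section 5.1.1: a boundary is 1 to 70 characters drawn from a restricted
# set (bchars) and must not end with a space. Enforcing this on the header alone
# stops an oversized boundary before the multipart parser ever touches the body.
BOUNDARY_MAX_LEN = 70
_BCHARS_RE = re.compile(r"[0-9A-Za-z'()+_,\-./:=? ]+")


def extract_boundary(content_type: str) -> Optional[str]:
    """Return the boundary parameter of a multipart Content-Type header, or None."""
    parts = [p.strip() for p in content_type.split(";")]
    if not parts[0].lower().startswith("multipart/"):
        return None
    for param in parts[1:]:
        name, sep, value = param.partition("=")
        if sep and name.strip().lower() == "boundary":
            value = value.strip()
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = value[1:-1]  # unquote a quoted-string boundary
            return value
    return None


def validate_multipart_boundary(content_type: str) -> Tuple[bool, str]:
    """Return (accepted, reason) so the caller can answer HTTP 400 and log why."""
    boundary = extract_boundary(content_type)
    if boundary is None:
        return False, "missing boundary parameter"
    if not boundary:
        return False, "empty boundary"
    if len(boundary) > BOUNDARY_MAX_LEN:
        return False, f"boundary length {len(boundary)} exceeds {BOUNDARY_MAX_LEN}"
    if not _BCHARS_RE.fullmatch(boundary):
        return False, "boundary contains characters outside RFC 2046 bchars"
    if boundary.endswith(" "):
        return False, "boundary must not end with a space"
    return True, "ok"


# Constructed sample headers for illustration (not captured traffic).
SAMPLE_HEADERS = {
    "normal": "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW",
    "oversized": "multipart/form-data; boundary=" + "A" * 5000,
    "bad_chars": 'multipart/form-data; boundary="abc\r\ndef"',
    "not_multipart": "application/json",
}

if __name__ == "__main__":
    for label, header in SAMPLE_HEADERS.items():
        accepted, reason = validate_multipart_boundary(header)
        print(f"{label:14s} accepted={accepted} ({reason})")
```

The check rejects the oversized-boundary case at header-parsing time, which is cheaper than letting a per-character warning loop run inside the body parser.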

References