{"package":"gradio","ecosystem":"pypi","latest_version":"6.12.0","description":"Python library for easily interacting with trained machine learning models","license":null,"homepage":"https://pypi.org/project/gradio/","repository":"https://github.com/gradio-app/gradio","downloads_weekly":4335124,"health":{"score":60,"risk":"moderate","breakdown":{"maintenance":25,"popularity":17,"security":3,"maturity":15,"community":0},"deprecated":false,"max_score":100},"vulnerabilities":{"count":11,"critical":0,"high":0,"medium":11,"low":0,"details":[{"vuln_id":"CVE-2024-48052","severity":"medium","summary":"gradio Server Side Request Forgery vulnerability","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2024-11-05T00:31:28Z"},{"vuln_id":"CVE-2024-8966","severity":"medium","summary":"Gradio DOS in multipart boundry while uploading the file","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:49Z"},{"vuln_id":"CVE-2024-8021","severity":"medium","summary":"Gradio Vulnerable to Open Redirect","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:47Z"},{"vuln_id":"CVE-2024-10569","severity":"medium","summary":"Gradio Vulnerable to Denial of Service (DoS) via Crafted Zip Bomb","affected_versions":">=4.0.0","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:39Z"},{"vuln_id":"CVE-2024-4325","severity":"medium","summary":"Server-Side Request Forgery in gradio","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2024-06-06T18:30:58Z"},{"vuln_id":"CVE-2024-4940","severity":"medium","summary":"Open redirect in gradio","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2024-06-22T06:30:37Z"},{"vuln_id":"CVE-2024-10648","severity":"medium","summary":"Gradio Vulnerable to Arbitrary File Deletion","affected_versions":">=4.0.0","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:39Z"},{"vuln_id":"CVE-2024-12217","severity":"medium","summary":"Gradio Path Traversal vulnerability","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:42Z"},{"vuln_id":"CVE-2024-10624","severity":"medium","summary":"Gradio Vulnerable to Denial of Service (DoS) via Crafted HTTP Request","affected_versions":">=4.38.0","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:39Z"},{"vuln_id":"CVE-2023-41626","severity":"medium","summary":"Gradio arbitrary file upload vulnerability","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2023-09-16T00:30:30Z"},{"vuln_id":"CVE-2025-5320","severity":"medium","summary":"Gradio CORS Origin Validation Bypass Vulnerability","affected_versions":">=5.0.0","fixed_version":null,"source":"osv","published_at":"2025-05-29T15:31:09Z"}]},"versions":{"latest":"6.12.0","total_count":659,"recent":["6.0.0.dev1","6.0.0.dev3","6.0.0.dev4","6.0.0.dev5","6.0.0","6.0.1","6.0.2","6.1.0","6.2.0","6.3.0","6.4.0","6.5.0","6.5.1","6.6.0","6.7.0","6.8.0","6.9.0","6.10.0","6.11.0","6.12.0"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2026-04-10T20:56:59.084465Z","dependencies_count":32,"dependencies":["anyio<5.0,>=3.0","audioop-lts<=0.2.2; python_version >= \"3.13\"","brotli>=1.1.0","fastapi<1.0,>=0.115.2","gradio-client==2.4.1","groovy~=0.1","hf-gradio<1.0,>=0.3.0","httpx<1.0,>=0.24.1","huggingface-hub<2.0,>=0.33.5","jinja2<4.0","markupsafe<4.0,>=2.0","numpy<3.0,>=1.0","orjson~=3.0","packaging","pandas<4.0,>=1.0","pillow<13.0,>=8.0","pydantic<=3.0,>=2.0","pydub<1.0","python-multipart<1.0,>=0.0.18","pytz>=2017.2","pyyaml<7.0,>=5.0","safehttpx<0.2.0,>=0.1.7","semantic-version~=2.0","starlette<2.0,>=0.40.0","tomlkit<0.15.0,>=0.12.0","typer<1.0,>=0.12","typing-extensions~=4.0","uvicorn>=0.14.0","mcp<2.0.0,>=1.21.0; extra == \"mcp\"","pydantic<=2.12.5,>=2.11.10; extra == \"mcp\"","authlib; extra == \"oauth\"","itsdangerous; extra == \"oauth\""]},"recommendation":{"action":"safe_to_use","issues":[],"use_version":"6.12.0","version_hint":null,"summary":"gradio@6.12.0 is safe to use (health: 60/100)"},"requested_version":null,"_cache":"miss","_response_ms":483,"_powered_by":"depscope.dev — free package intelligence for AI agents"}