CVE-2025-0187

Name of the Vulnerable Software and Affected Versions gradio-app/gradio version 0.39.1

Description A Denial of Service (DoS) issue was found in the file upload feature due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server becomes overwhelmed and unresponsive, leading to unavailability for legitimate users.

Recommendations For gradio-app/gradio version 0.39.1, consider restricting the size of filenames allowed in the file upload feature to prevent the server from becoming overwhelmed. As a temporary workaround, consider implementing validation to limit the filename length in the file upload request until a patch is available.