CVE-2025-0187

HIGH Year: 2025
CVSS v3 Score
7.5
High
Weakness Type
CWE-400
View all →

Vulnerability Description

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server becomes overwhelmed and unresponsive, leading to unavailability for legitimate users.

Related Vulnerabilities

CVE-2001-0827

HIGH
CVSS:7.5(High)

Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV" requests.

CWE-4002001

CVE-2002-20001

HIGH
CVSS:7.5(High)

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-expo...

CWE-4002002

CVE-2006-1364

HIGH
CVSS:7.5(High)

Microsoft w3wp (aka w3wp.exe) does not properly handle when the AspCompat directive is not used when referencing COM components in ASP.NET, which allows remote attackers to cause a denial of service (...

CWE-4002006

CVE-2006-5708

HIGH
CVSS:7.5(High)

Multiple unspecified vulnerabilities in MDaemon and WorldClient in Alt-N Technologies MDaemon before 9.50 allow attackers to cause a denial of service (memory consumption) via unspecified vectors resu...

CWE-4002006

CVE-2006-6025

HIGH
CVSS:7.5(High)

QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denial of service, as demonstrated by a certain module in VulnDisco Pack. NOTE: The provenance of this information is unknown; the deta...

CWE-4002006

CVE-2007-20001

HIGH
CVSS:7.5(High)

A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects iS...

CWE-4002007