AVID-2026-R1711
Description
Gradio Allows Unauthorized File Copy via Path Manipulation (CVE-2025-48889)
Details
Gradio is an open-source Python package for quickly building demos and web applications around machine learning models, APIs, or any arbitrary Python function. Prior to version 5.31.0, an arbitrary file copy vulnerability in Gradio's flagging feature allowed unauthenticated attackers to copy any readable file from the server's filesystem into the flagging directory. Attackers cannot read the copied files, but they can cause a denial of service by copying large or unbounded sources (such as /dev/urandom) until the disk fills. This issue has been patched in version 5.31.0.
Reason for inclusion in AVID: CVE-2025-48889 describes a software vulnerability in Gradio, a Python library used to build ML demos and AI interfaces. It allows unauthorized file copy and denial of service via disk space exhaustion. Gradio is widely used in AI pipelines and in deployment and serving stacks, so this is a software supply-chain issue affecting components of AI systems. The report provides CVE details and patch information, satisfying the evidence requirements.
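The weak pattern behind this class of bug, shown next to a hardened version, as an added illustration that is not Gradio's code and is not taken from the advisory or the fix: a "flag this sample" handler that copies whatever path the request names into the flagging directory, versus one that canonicalises the path, requires it to sit under a directory the application owns, accepts only regular files (which rejects /dev/urandom) and enforces a size cap. The function names, the 50 MiB cap and the upload/flagged directory layout are assumptions for the example; the scenario in demo() is constructed in a temporary directory.

```python
"""Illustrative guard for a flagging feature that copies an input file into a
flagging directory.  Not Gradio's code: it shows the pattern behind
CVE-2025-48889 (copying a caller-controlled path with no containment check)
beside a hardened version.  Names, the size cap and the directory layout are
assumptions for the example."""
import os
import shutil
import stat
import tempfile
from pathlib import Path

MAX_FLAG_BYTES = 50 * 1024 * 1024  # assumed cap for the example


class FlagPathError(ValueError):
    """Raised when a path must not be flagged (copied)."""


def unsafe_flag_copy(src: str, flag_dir: str) -> Path:
    # Vulnerable pattern: whatever path the request names is copied as-is.
    # Any readable file on the host works, and a device such as /dev/urandom
    # would be copied until the disk is full (never call this with one).
    dest = Path(flag_dir) / Path(src).name
    shutil.copyfile(src, dest)
    return dest


def safe_flag_copy(src: str, allowed_roots, flag_dir: str,
                   max_bytes: int = MAX_FLAG_BYTES) -> Path:
    # 1. Canonicalise: realpath() collapses ".." and resolves symlinks.
    real_src = Path(os.path.realpath(src))
    roots = [Path(os.path.realpath(r)) for r in allowed_roots]
    # 2. Containment: the resolved path must sit under an allowed root.
    if not any(r in real_src.parents for r in roots):
        raise FlagPathError(f"{src!r} resolves outside the allowed directories")
    # 3. Regular files only: rejects devices, FIFOs and directories.
    st = os.stat(real_src)
    if not stat.S_ISREG(st.st_mode):
        raise FlagPathError(f"{src!r} is not a regular file")
    # 4. Size cap so a single flagged file cannot exhaust disk space.
    if st.st_size > max_bytes:
        raise FlagPathError(f"{src!r} exceeds {max_bytes} bytes")
    flag_root = Path(flag_dir)
    flag_root.mkdir(parents=True, exist_ok=True)
    dest = flag_root / real_src.name
    shutil.copyfile(real_src, dest)  # copy the resolved path, not the alias
    return dest


def demo() -> dict:
    """Constructed scenario: an upload dir the app owns plus a file outside it."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        upload_dir = Path(tmp) / "uploads"
        flag_dir = Path(tmp) / "flagged"
        upload_dir.mkdir()
        flag_dir.mkdir()
        (upload_dir / "sample.txt").write_text("legit upload\n")
        secret = Path(tmp) / "secret.txt"
        secret.write_text("not for copying\n")

        # Unsafe handler: copies the outside file without complaint.
        results["unsafe_copied_outside"] = unsafe_flag_copy(
            str(secret), str(flag_dir)).exists()

        # Hardened handler: rejects the outside file given as an absolute path ...
        try:
            safe_flag_copy(str(secret), [upload_dir], str(flag_dir))
            results["safe_rejected_outside"] = False
        except FlagPathError:
            results["safe_rejected_outside"] = True

        # ... and as a ".." traversal relative to the upload directory.
        traversal = str(upload_dir / ".." / "secret.txt")
        try:
            safe_flag_copy(traversal, [upload_dir], str(flag_dir))
            results["safe_rejected_traversal"] = False
        except FlagPathError:
            results["safe_rejected_traversal"] = True

        # A genuine upload is still flagged.
        copied = safe_flag_copy(str(upload_dir / "sample.txt"),
                                [upload_dir], str(flag_dir))
        results["safe_copied_inside"] = copied.read_text() == "legit upload\n"

        # A device file is rejected (outside the roots and not a regular file).
        if os.path.exists("/dev/urandom"):
            try:
                safe_flag_copy("/dev/urandom", [upload_dir], str(flag_dir))
                results["safe_rejected_device"] = False
            except FlagPathError:
                results["safe_rejected_device"] = True
        else:
            results["safe_rejected_device"] = True  # no device file on this host
    return results


if __name__ == "__main__":
    print(demo())
```

Two caveats a reviewer would raise on the hardened version: the containment check must run on the resolved path (a symlink planted inside the upload directory would otherwise point anywhere), and the size check is a snapshot, so a cap on the flagging directory as a whole, or a copy loop that counts bytes, is still needed against a file that grows during the copy.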
References
Affected or Relevant Artifacts
- Developer: gradio-app
- Deployer: gradio-app
- Artifact Details:
| Type | Name |
|---|---|
| System | gradio |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CVSS
| Field | Value |
|---|---|
| Version | 3.1 |
| Vector String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
| Base Score | 5.3 |
| Base Severity | 🟠 Medium |
| Attack Vector | NETWORK |
| Attack Complexity | 🟢 Low |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | 🟢 Low |
CWE
| ID | Description |
|---|---|
| CWE-434 | Unrestricted Upload of File with Dangerous Type |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2025-05-30
- Version: 0.3.3
- AVID Entry