CVE-2025-5320: 
Gradio vulnerability analysis and mitigation

A vulnerability has been identified in gradio-app gradio versions up to 5.29.1, tracked as CVE-2025-5320. The vulnerability affects the isvalidorigin function within the CORS Handler component, where improper validation of the localhost_aliases argument can lead to unauthorized access. The issue was discovered in May 2025 and has been classified as problematic with a CVSS v4.0 base score of 6.3 (MEDIUM) (VulDB).

The vulnerability stems from flaws in the CORS configuration implementation, specifically in the isvalidorigin method used for validating incoming cross-origin requests. The method attempts to protect internally deployed applications by verifying if the Host header matches predefined localhost_aliases. However, the validation mechanism contains two critical flaws: it fails to properly handle IPv6 addresses mapped to localhost, and it doesn't account for public domains resolving to localhost. The vulnerability has received a CVSS v3.1 base score of 3.7 (LOW) and a CVSS v4.0 score of 6.3 (MEDIUM) (GitHub POC).

The vulnerability enables unauthorized access to sensitive data from internal applications, particularly affecting scenarios where Gradio is used for sensitive data processing or hosting secure applications. Attackers can bypass CORS restrictions and perform cross-origin requests to access data from internal environments, potentially leading to data exfiltration attacks (GitHub POC).

Recommended mitigations include enhancing origin validation to support validation of public domains resolving to internal networks, enforcing restrictive CORS rules for public-facing Gradio applications through a whitelist-based origin validation approach, and updating documentation to clearly communicate associated risks. Organizations should upgrade to versions newer than 5.29.1 when available (GitHub POC).