gradio@4.7.0 vulnerabilities

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Improper Access Control due to the improper consideration of the _is_server_fn attribute. An attacker can execute unauthorized functions by exploiting this oversight.

Upgrade gradio to version 4.13.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Credential Exposure due to insufficient checks for double-slash patterns in the starts_with_protocol() function.

Note: This vulnerability only exists on Windows.

Upgrade gradio to version 4.20.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the file parameter. An attacker can scan and identify open ports within an internal network by discerning the status of internal ports based on the presence of a 'Location' header or a 'File not allowed' error in the response.

Upgrade gradio to version 4.10.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Improper Access Control due to the /component_server endpoint improperly allowing the invocation of any method on a Component class with attacker-controlled arguments. Specifically, by exploiting the move_resource_to_block_cache() method of the Block class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access.

Notes:

1. It is even more critical because running an app with launch(share=True) will expose the app to the internet allowing anyone to read files on users computers.

2. All gradio apps hosted on huggingface.co are also vulnerable.

Upgrade gradio to version 4.13.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Directory Traversal due to improper validation of user-supplied input in the UploadButton component. An attacker can read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the /queue/join endpoint. This issue could potentially lead to remote code execution through the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server.

Note

Every Gradio instance utilizing the UploadButton component is vulnerable.

Upgrade gradio to version 4.19.2 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Race Condition that impacts the synchronization between state and loading status updates. An attacker could disrupt service and cause a denial of service by exploiting this vulnerability.

Upgrade gradio to version 4.22.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Improper Command Line Parameter Handling due to improper handling of secrets in the continuous integration (CI) process. An attacker can exfiltrate sensitive information by exploiting the misconfiguration in the CI setup.

Upgrade gradio to version 4.18.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) via the /proxy route. An attacker can manipulate the self.replica_urls set by exploiting weaknesses in the application's handling of the X-Direct-Url header and proxy arbitrary URLs including potential internal endpoints by specifying a target URL.

Upgrade gradio to version 4.18.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Cross-Site Request Forgery (CSRF) due to the flawed implementation of CORS rules that require the host header to be localhost (or one of its aliases) and, if present, the origin header to be localhost (or one of its aliases) as well. An attacker can exploit this by crafting requests that bypass these restrictions.

Note:

This vulnerability has a low impact on the availability of the target system. Sustained attacks may cause the system to not have enough disk space left to operate properly.

Upgrade gradio to version 4.19.2 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Timing Attack due to the way string comparisons are handled, allowing them to terminate early upon finding a mismatch. This behavior can be exploited by an attacker to conduct a brute-force attack to guess the password of password-protected applications by making numerous attempts without being rate-limited.

Upgrade gradio to version 4.19.2 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Directory Traversal via a vulnerable user-supplied JSON value in an API request. An attacker can read arbitrary files on the server by submitting a crafted JSON payload that exploits path traversal sequences.

Upgrade gradio to version 4.9.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) using the /file route since it used to perform a GET/HEAD request to determine if a filepath was a possible URL.

Upgrade gradio to version 4.10.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) or path traversal allowing arbitrary file reads, via the /file route. This is exploitable using e.g. the --path-as-is option to curl, but not from a browser.

Upgrade gradio to version 4.11.0 or higher.

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type via the /tmp directory. An attacker can upload arbitrary files, potentially leading to unauthorized access or execution of malicious code.

There is no fixed version for gradio.