gradio@5.0.0b10 vulnerabilities

Python library for easily interacting with trained machine learning models

Direct Vulnerabilities

Known vulnerabilities in the gradio package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Server-side Request Forgery (SSRF)

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to no restrictions on the URL, in the save_url_to_cache function. An attacker can access and download local resources and sensitive information.

How to fix Server-side Request Forgery (SSRF)?

There is no fixed version for gradio.

[0,)
  • H
Race Condition

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Race Condition due to improper isolation in functions update_root_in_config and route handlers that access and modify blocks.config. Attackers can exploit this by sending requests with malicious headers, such as X-Forwarded-Host, to inject a fake root URL into the application's configuration.

How to fix Race Condition?

Upgrade gradio to version 5.0.0b5 or higher.

[,5.0.0b5)
  • M
Origin Validation Error

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Origin Validation Error due the localhost_aliases variable including "null" as a valid origin, when the server is deployed locally. An attacker can make unauthorized requests from sandboxed iframes or other sources with a null origin, potentially leading to data theft, such as user authentication tokens or uploaded files.

How to fix Origin Validation Error?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • M
Directory Traversal

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Directory Traversal within the is_in_or_equal function. An attacker can access restricted files by manipulating file paths using parent directory sequences (..).

How to fix Directory Traversal?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • H
Race Condition

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Race Condition in the update_root_in_config function. An attacker can redirect user traffic to a malicious server, potentially intercepting sensitive data such as authentication credentials or uploaded files.

How to fix Race Condition?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • M
Directory Traversal

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Directory Traversal through the post-processing step. An attacker can expose sensitive files by crafting requests that bypass expected input constraints.

Notes: If combined with other vulnerabilities that facilitate unauthorized file access, this could lead to sensitive files being exposed to unauthorized users.

The vulnerable Components are:

  1. String to FileData: DownloadButton, Audio, ImageEditor, Video, Model3D, File, UploadButton

  2. Complex data to FileData: Chatbot, MultimodalTextbox

  3. Direct file read in preprocess: Code

  4. Dictionary converted to FileData: ParamViewer, Dataset

How to fix Directory Traversal?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • M
Cross-site Scripting (XSS)

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to inadequate file type restrictions or server-side validation for the upload of HTML, JS, or SVG files. An attacker can execute unauthorized actions or steal sensitive information by uploading malicious scripts that execute when other users download or view these files.

How to fix Cross-site Scripting (XSS)?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • M
Server-side Request Forgery (SSRF)

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the async_save_url_to_cache function in the /queue/join endpoint. An attacker can send HTTP requests to user-controlled URLs, potentially targeting internal servers or services within a local network and possibly exfiltrating data or causing unwanted internal requests.

How to fix Server-side Request Forgery (SSRF)?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • H
Resources Downloaded over Insecure Protocol

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Resources Downloaded over Insecure Protocol due to the lack of integrity checking on the downloaded FRP client. An attacker can introduce malicious code by modifying the binary without detection if they gain access to the remote URL from which the FRP client is downloaded.

Note: This vulnerability impacts any users utilizing the server's sharing mechanism that download the FRP client, especially those relying on the executable binary for secure data tunneling.

How to fix Resources Downloaded over Insecure Protocol?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • M
Improper Input Validation

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Improper Input Validation through the Dropdown component's pre-processing step. An attacker can manipulate input data by sending custom requests with arbitrary values, despite the allow_custom_value parameter being set to False.

How to fix Improper Input Validation?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • H
Missing Encryption of Sensitive Data

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to insecure communication between the FRP client and server, when the share option is set to true. An attacker can intercept and read files uploaded to the server, as well as modify responses or data sent between the client and server.

How to fix Missing Encryption of Sensitive Data?

Upgrade gradio to version 5.0.0 or higher.

[,5.0.0)
  • M
Arbitrary Code Injection

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper check of the input, when users generate pyi. An attacker can execute arbitrary code by supplying crafted input.

Note:

This vulnerability is disputed by the maintainer because the report is about a user attacking himself.

How to fix Arbitrary Code Injection?

There is no fixed version for gradio.

[0,)
  • M
Open Redirect

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Open Redirect via the file parameter. An attacker can scan and identify open ports within an internal network by discerning the status of internal ports based on the presence of a 'Location' header or a 'File not allowed' error in the response.

How to fix Open Redirect?

There is no fixed version for gradio.

[0,)