Server-side Request Forgery (SSRF) Affecting gradio package, versions [0,]
Threat Intelligence
Exploit Maturity
Proof of concept
EPSS
0.04% (11th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-GRADIO-8342716
- published 5 Nov 2024
- disclosed 4 Nov 2024
- credit Aftersnows
Introduced: 4 Nov 2024
New CVE-2024-48052 Open this link in a new tabHow to fix?
There is no fixed version for gradio.
Overview
gradio is a Python library for easily interacting with trained machine learning models
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to no restrictions on the URL, in the save_url_to_cache function. An attacker can access and download local resources and sensitive information.
PoC
from pathlib import Path
import gradio as gr
def upload_file(filepath):
name = Path(filepath).name
return [gr.UploadButton(visible=False), gr.DownloadButton(label=f"Download {name}", value=filepath, visible=True)]
def download_file():
return [gr.UploadButton(visible=True), gr.DownloadButton(visible=False)]
with gr.Blocks() as demo:
gr.Markdown("First upload a file and and then you'll be able download it (but only once!)")
with gr.Row():
u = gr.UploadButton("Upload a file", file_count="single")
d = gr.DownloadButton("Download the file", visible=False)
u.upload(upload_file, u, [u, d])
d.click(download_file, None, [u, d])
if __name__ == "__main__":
demo.launch()