Homepage

Server-side Request Forgery (SSRF) Affecting gradio package, versions [0,]

Severity

 Recommended
0.0
high
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

Exploit Maturity
Proof of concept
EPSS
0.04% (11th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Server-side Request Forgery (SSRF) vulnerabilities in an interactive lesson.

Start learning
  • Snyk IDSNYK-PYTHON-GRADIO-8342716
  • published5 Nov 2024
  • disclosed4 Nov 2024
  • creditAftersnows
Report a new vulnerability Found a mistake?

Introduced: 4 Nov 2024

CVE-2024-48052  (opens in a new tab)
CWE-918  (opens in a new tab)

How to fix?

There is no fixed version for gradio.

Overview

gradio is a Python library for easily interacting with trained machine learning models

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to no restrictions on the URL, in the save_url_to_cache function. An attacker can access and download local resources and sensitive information.

PoC

from pathlib import Path
import gradio as gr

def upload_file(filepath):
    name = Path(filepath).name
    return [gr.UploadButton(visible=False), gr.DownloadButton(label=f"Download {name}", value=filepath, visible=True)]

def download_file():
    return [gr.UploadButton(visible=True), gr.DownloadButton(visible=False)]

with gr.Blocks() as demo:
    gr.Markdown("First upload a file and and then you'll be able download it (but only once!)")
    with gr.Row():
        u = gr.UploadButton("Upload a file", file_count="single")
        d = gr.DownloadButton("Download the file", visible=False)

    u.upload(upload_file, u, [u, d])
    d.click(download_file, None, [u, d])

if __name__ == "__main__":
    demo.launch()

References

CVSS Scores

version 4.0
version 3.1