GHSA-973g-55hp-3frw: Server-Side Request Forgery in gradio

Skip to content

Navigation Menu

• • Actions

    Automate any workflow

  • Packages

    Host and manage packages

  • Security

    Find and fix vulnerabilities

  • Codespaces

    Instant dev environments

  • GitHub Copilot

    Write better code with AI

  • Code review

    Manage code changes

  • Issues

    Plan and track work

  • Discussions

    Collaborate outside of code

• • GitHub Sponsors

    Fund open source developers

*   The ReadME Project
    
    GitHub community articles

• • Enterprise platform

    AI-powered developer platform

• Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

1. GitHub Advisory Database
2. GitHub Reviewed
3. CVE-2024-4325

Server-Side Request Forgery in gradio

High severity GitHub Reviewed Published Jun 6, 2024 to the GitHub Advisory Database • Updated Jun 6, 2024

Affected versions

<= 4.36.0

Description

A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio and was discovered in version 4.21.0, specifically within the /queue/join endpoint and the save_url_to_cache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint, thereby compromising the security of internal servers.

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-4325
• https://huntr.com/bounties/b34f084b-7d14-4f00-bc10-048a3a5aaf88
• gradio-app/gradio#8301

Published to the GitHub Advisory Database

Jun 6, 2024