Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-973g-55hp-3frw: Server-Side Request Forgery in gradio

A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio and was discovered in version 4.21.0, specifically within the /queue/join endpoint and the save_url_to_cache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint, thereby compromising the security of internal servers.

ghsa
#vulnerability#git#ssrf#aws#auth

Skip to content

Navigation Menu

    • Actions

      Automate any workflow

    • Packages

      Host and manage packages

    • Security

      Find and fix vulnerabilities

    • Codespaces

      Instant dev environments

    • GitHub Copilot

      Write better code with AI

    • Code review

      Manage code changes

    • Issues

      Plan and track work

    • Discussions

      Collaborate outside of code

    • GitHub Sponsors

      Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    • Enterprise platform

      AI-powered developer platform

  • Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2024-4325

Server-Side Request Forgery in gradio

High severity GitHub Reviewed Published Jun 6, 2024 to the GitHub Advisory Database • Updated Jun 6, 2024

Affected versions

<= 4.36.0

Description

A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio and was discovered in version 4.21.0, specifically within the /queue/join endpoint and the save_url_to_cache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint, thereby compromising the security of internal servers.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2024-4325
  • https://huntr.com/bounties/b34f084b-7d14-4f00-bc10-048a3a5aaf88
  • gradio-app/gradio#8301

Published to the GitHub Advisory Database

Jun 6, 2024

ghsa: Latest News

GHSA-vm62-9jw3-c8w3: Gogs has an argument Injection in the built-in SSH server