pysec-2024-215
Vulnerability from pysec
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to Server-Side Request Forgery (SSRF) in the /queue/join
endpoint. Gradio’s async_save_url_to_cache
function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target internal servers or services within a local network and possibly exfiltrate data or cause unwanted internal requests. Additionally, the content from these URLs is stored locally, making it easier for attackers to upload potentially malicious files to the server. This impacts users deploying Gradio servers that use components like the Video component which involve URL fetching. Users are advised to upgrade to gradio>=5
to address this issue. As a workaround, users can disable or heavily restrict URL-based inputs in their Gradio applications to trusted domains only. Additionally, implementing stricter URL validation (such as allowinglist-based validation) and ensuring that local or internal network addresses cannot be requested via the /queue/join
endpoint can help mitigate the risk of SSRF attacks.
{ affected: [ { package: { ecosystem: "PyPI", name: "gradio", purl: "pkg:pypi/gradio", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "5.0.0", }, ], type: "ECOSYSTEM", }, ], versions: [ "0.1.0", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.4.0", "0.4.1", "0.4.2", "0.4.4", "0.5.0", "0.7.0", "0.7.1", "0.7.2", "0.7.3", "0.7.4", "0.7.5", "0.7.6", "0.7.7", "0.7.8", "0.8.0", "0.8.1", "0.9.0", "0.9.1", "0.9.2", "0.9.3", "0.9.4", "0.9.5", "0.9.6", "0.9.7", "0.9.8", "0.9.9.2", "0.9.9.3", "0.9.9.5", "0.9.9.6", "0.9.9.7", "0.9.9.8", "0.9.9.9", "0.9.9.9.2", "1.0.0", "1.0.0a1", "1.0.0a3", "1.0.0a4", "1.0.1", "1.0.2", "1.0.3", "1.0.4", "1.0.5", "1.0.6", "1.0.7", "1.1.0", "1.1.1", "1.1.2", "1.1.3", "1.1.4", "1.1.5", "1.1.6", "1.1.8", "1.1.8.1", "1.1.9", "1.2.2", "1.2.3", "1.3.0", "1.3.1", "1.3.2", "1.4.0", "1.4.2", "1.4.3", "1.4.4", "1.5.0", "1.5.1", "1.5.3", "1.5.4", "1.6.0", "1.6.1", "1.6.2", "1.6.3", "1.6.4", "1.7.0", "1.7.1", "1.7.2", "1.7.3", "1.7.4", "1.7.5", "1.7.6", "1.7.7", "2.0.0", "2.0.1", "2.0.10", "2.0.2", "2.0.4", "2.0.5", "2.0.6", "2.0.7", "2.0.8", "2.0.9", "2.1.0", "2.1.1", "2.1.2", "2.1.4", "2.1.6", "2.1.7", "2.2.0", "2.2.1", "2.2.10", "2.2.11", "2.2.12", "2.2.13", "2.2.14", "2.2.15", "2.2.2", "2.2.3", "2.2.4", "2.2.5", "2.2.6", "2.2.7", "2.2.8", "2.2.9a0", "2.2.9a2", "2.3.0", "2.3.0a0", "2.3.0b101", "2.3.0b102", "2.3.0b99", "2.3.3", "2.3.4", "2.3.5", "2.3.5b0", "2.3.6", "2.3.7", "2.3.7b0", "2.3.7b1", "2.3.7b2", "2.3.8b0", "2.3.9", "2.4.0", "2.4.0a0", "2.4.1", "2.4.2", "2.4.4", "2.4.5", "2.4.6", "2.4.7b0", "2.4.7b2", "2.4.7b3", "2.4.7b4", "2.4.7b5", "2.4.7b6", "2.4.7b7", "2.4.7b8", "2.4.7b9", "2.5.0", "2.5.1", "2.5.2", "2.5.3", "2.5.8a0", "2.6.0", "2.6.1", "2.6.1a0", "2.6.1b0", "2.6.1b3", "2.6.2", "2.6.3", "2.6.4", "2.6.4b0", "2.6.4b2", "2.6.4b3", "2.7.0", "2.7.0a101", "2.7.0a102", "2.7.0b70", "2.7.5", "2.7.5.1", "2.7.5.2", "2.7.5.2b0", "2.8.0", "2.8.0a100", "2.8.0b0", "2.8.0b10", "2.8.0b12", "2.8.0b2", "2.8.0b20", "2.8.0b22", "2.8.0b3", "2.8.0b4", "2.8.0b5", "2.8.0b6", "2.8.1", "2.8.10", "2.8.11", "2.8.12", "2.8.13", "2.8.14", "2.8.2", "2.8.3", "2.8.4", "2.8.5", "2.8.6", "2.8.7", "2.8.8", "2.8.9", "2.9.0", "2.9.0.1", "2.9.0b0", "2.9.0b1", "2.9.0b10", "2.9.0b2", "2.9.0b3", "2.9.0b5", "2.9.0b6", "2.9.0b7", "2.9.0b8", "2.9.0b9", "2.9.1", "2.9.2", "2.9.3", "2.9.4", "2.9b11", "2.9b12", "2.9b13", "2.9b14", "2.9b15", "2.9b20", "2.9b21", "2.9b22", "2.9b23", "2.9b24", "2.9b25", "2.9b26", "2.9b27", "2.9b28", "2.9b30", "2.9b31", "2.9b32", "2.9b33", "2.9b40", "2.9b48", "2.9b50", "3.0", "3.0.1", "3.0.10", "3.0.10b16", "3.0.10b2", "3.0.11", "3.0.11b1", "3.0.12", "3.0.13", "3.0.13b100", "3.0.13b13", "3.0.13b15", "3.0.14", "3.0.15", "3.0.16", "3.0.17", "3.0.18", "3.0.18b0", "3.0.19", "3.0.19b0", "3.0.19b1", "3.0.19b2", "3.0.1b120", "3.0.1b121", "3.0.1b300", "3.0.2", "3.0.20", "3.0.20.dev0", "3.0.21", "3.0.22", "3.0.23", "3.0.23.dev1", "3.0.24", "3.0.25", "3.0.26", "3.0.3", "3.0.4", "3.0.5", "3.0.6", "3.0.6b1", "3.0.6b2", "3.0.6b3", "3.0.7", "3.0.8", "3.0.8b1", "3.0.9", "3.0.9b10", "3.0.9b11", "3.0.9b20", "3.0b0", "3.0b1", "3.0b10", "3.0b2", "3.0b5", "3.0b6", "3.0b8", "3.0b9", "3.1.0", "3.1.1", "3.1.2", "3.1.3", "3.1.3a0", "3.1.3a2", "3.1.3a3", "3.1.3a4", "3.1.3a5", "3.1.4", "3.1.4b0", "3.1.4b1", "3.1.4b2", "3.1.4b3", "3.1.4b4", "3.1.4b5", "3.1.5", "3.1.5b1", "3.1.5b10", "3.1.5b2", "3.1.5b3", "3.1.5b4", "3.1.5b5", "3.1.5b7", "3.1.5b8", "3.1.5b9", "3.1.6", "3.1.6b1", "3.1.7", "3.1.8b0", "3.1.8b2", "3.1.8b3", "3.1.8b4", "3.1.8b6", "3.10.0", "3.10.1", "3.11.0", "3.12.0", "3.12.0b1", "3.12.0b2", "3.12.0b3", "3.12.0b6", "3.12.0b7", "3.13.0", "3.13.0b1", "3.13.1", "3.13.1b0", "3.13.1b1", "3.13.1b2", "3.13.2", "3.14.0", "3.14.0a1", "3.15.0", "3.16.0", "3.16.1", "3.16.1b1", "3.16.2", "3.17.0", "3.17.1", "3.17.1b1", "3.17.1b2", "3.18.0", "3.18.1b1", "3.18.1b2", "3.18.1b3", "3.18.1b4", "3.18.1b5", "3.18.1b6", "3.18.1b7", "3.19.0", "3.19.1", "3.2", "3.2.1b0", "3.2.1b1", "3.2.1b2", "3.20.0", "3.20.0b1", "3.20.0b2", "3.20.1", "3.21.0", "3.22.0", "3.22.1", "3.22.1b1", "3.23.0", "3.23.1b1", "3.23.1b2", "3.23.1b3", "3.24.0", "3.24.1", "3.25.0", "3.25.1b1", "3.25.1b2", "3.26.0", "3.27.0", "3.28.0", "3.28.1", "3.28.2", "3.28.3", "3.28.4b0", "3.29.0", "3.3", "3.3.1", "3.30.0", "3.31.0", "3.32.0", "3.33.0", "3.33.1", "3.34.0", "3.35.0", "3.35.1", "3.35.2", "3.36.0", "3.36.1", "3.37.0", "3.38.0", "3.39.0", "3.3b0", "3.3b1", "3.4", "3.4.1", "3.40.0", "3.40.1", "3.41.0", "3.41.1", "3.41.2", "3.42.0", "3.43.0", "3.43.1", "3.43.2", "3.44.0", "3.44.1", "3.44.2", "3.44.3", "3.44.4", "3.45.0", "3.45.0b0", "3.45.0b10", "3.45.0b11", "3.45.0b12", "3.45.0b13", "3.45.0b9", "3.45.1", "3.45.2", "3.46.0", "3.46.1", "3.47.0", "3.47.1", "3.48.0", "3.49.0", "3.4b0", "3.4b1", "3.4b2", "3.4b3", "3.4b5", "3.5", "3.50.0", "3.50.1", "3.50.2", "3.6", "3.6.0b1", "3.6.0b10", "3.6.0b2", "3.6.0b3", "3.6.0b7", "3.7", "3.8", "3.8.1", "3.8.1.dev1", "3.8.2", "3.8b1", "3.8b2", "3.9", "3.9.1", "4.0.0", "4.0.0b15", "4.0.1", "4.0.2", "4.1.0", "4.1.1", "4.1.2", "4.10.0", "4.11.0", "4.12.0", "4.13.0", "4.14.0", "4.15.0", "4.16.0", "4.17.0", "4.18.0", "4.19.0", "4.19.1", "4.19.2", "4.2.0", "4.20.0", "4.20.1", "4.21.0", "4.22.0", "4.23.0", "4.24.0", "4.25.0", "4.26.0", "4.27.0", "4.28.0", "4.28.1", "4.28.2", "4.28.3", "4.29.0", "4.3.0", "4.31.0", "4.31.1", "4.31.2", "4.31.3", "4.31.4", "4.31.5", "4.32.0", "4.32.1", "4.32.2", "4.33.0", "4.35.0", "4.36.0", "4.36.1", "4.37.1", "4.37.2", "4.38.0", "4.38.1", "4.39.0", "4.4.0", "4.4.1", "4.40.0", "4.41.0", "4.42.0", "4.43.0", "4.44.0", "4.44.1", "4.5.0", "4.7.0", "4.7.1", "4.8.0", "4.9.0", "4.9.1", "5.0.0b1", "5.0.0b10", "5.0.0b5", "5.0.0b6", "5.0.0b7", "5.0.0b8", "5.0.0b9", ], }, ], aliases: [ "CVE-2024-47167", "GHSA-576c-3j53-r9jj", ], details: "Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Request Forgery (SSRF)** in the `/queue/join` endpoint. Gradio’s `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target internal servers or services within a local network and possibly exfiltrate data or cause unwanted internal requests. Additionally, the content from these URLs is stored locally, making it easier for attackers to upload potentially malicious files to the server. This impacts users deploying Gradio servers that use components like the Video component which involve URL fetching. Users are advised to upgrade to `gradio>=5` to address this issue. As a workaround, users can disable or heavily restrict URL-based inputs in their Gradio applications to trusted domains only. Additionally, implementing stricter URL validation (such as allowinglist-based validation) and ensuring that local or internal network addresses cannot be requested via the `/queue/join` endpoint can help mitigate the risk of SSRF attacks.", id: "PYSEC-2024-215", modified: "2025-01-19T22:22:23.471780+00:00", published: "2024-10-10T22:15:11+00:00", references: [ { type: "ADVISORY", url: "https://github.com/gradio-app/gradio/security/advisories/GHSA-576c-3j53-r9jj", }, ], severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
This schema specifies the format of a comment related to a security advisory.
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.