CVE-2023-25823 – gradio
Package
Manager: pip
Name: gradio
Vulnerable Version: >=0 <3.13.1
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
EPSS: 0.00091 (percentile: 0.26678)
Details
Update share links to use FRP instead of SSH tunneling

### Impact

This is a vulnerability which affects anyone using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`) with Gradio versions older than 3.13.1. In these older versions of Gradio, a private SSH key is sent to any user that connects to the Gradio machine, which means that a user could access other users' shared Gradio demos. From there, other exploits are possible depending on the level of access/exposure the Gradio app provides.

### Patches

The problem has been patched. Ideally, users should upgrade to `gradio==3.19.1` or later where the FRP solution has been properly tested.

### Credit

Credit to Greg Sadetsky and Samuel Tremblay-Cossette for alerting the team.
Metadata
Created: 2023-02-23T22:10:19Z
Modified: 2024-09-20T21:41:25Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-3x5j-9vwr-8rr5/GHSA-3x5j-9vwr-8rr5.json
CWE IDs: ["CWE-798"]
Alternative ID: GHSA-3x5j-9vwr-8rr5
Finding: F009
Auto approve: 1