CVE-2024-47167 – gradio

Package

Manager: pip
Name: gradio
Vulnerable Version: >=0 <5.0.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

EPSS: 0.00247 pctl0.47826

Details

Gradio vulnerable to SSRF in the path parameter of /queue/join ### Impact **What kind of vulnerability is it? Who is impacted?** This vulnerability relates to **Server-Side Request Forgery (SSRF)** in the `/queue/join` endpoint. Gradio’s `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target internal servers or services within a local network and possibly exfiltrate data or cause unwanted internal requests. Additionally, the content from these URLs is stored locally, making it easier for attackers to upload potentially malicious files to the server. This impacts users deploying Gradio servers that use components like the Video component which involve URL fetching. ### Patches Yes, please upgrade to `gradio>=5` to address this issue. ### Workarounds **Is there a way for users to fix or remediate the vulnerability without upgrading?** As a workaround, users can disable or heavily restrict URL-based inputs in their Gradio applications to trusted domains only. Additionally, implementing stricter URL validation (such as allowinglist-based validation) and ensuring that local or internal network addresses cannot be requested via the `/queue/join` endpoint can help mitigate the risk of SSRF attacks.

Metadata

Created: 2024-10-10T22:01:44Z
Modified: 2025-01-21T17:53:33Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-576c-3j53-r9jj/GHSA-576c-3j53-r9jj.json
CWE IDs: ["CWE-918"]
Alternative ID: GHSA-576c-3j53-r9jj
Finding: F100
Auto approve: 1