CVE-2024-48052

MEDIUM6.5EPSS 0.13%

gradio Server Side Request Forgery vulnerability

Published: 11/5/2024Modified: 11/7/2024

Description

In gradio <=4.42.0, the gr.DownloadButton function has a hidden server-side request forgery (SSRF) vulnerability. The reason is that within the save_url_to_cache function, there are no restrictions on the URL, which allows access to local target resources. This can lead to the download of local resources and sensitive information.

Affected packages (1)

PyPI/gradiofrom 0, <= 4.42.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 4.0	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-48052
PATCHhttps://github.com/gradio-app/gradio
WEBhttps://gist.github.com/AfterSnows/45ffc23797f9127e00755376cc610e12
WEBhttps://rumbling-slice-eb0.notion.site/FULL-SSRF-in-gr-DownloadButton-in-gradio-app-gradio-870b21e0908b48cbafd914719ac1a4e6?pvs=4