gradio Server Side Request Forgery vulnerability

GHSA-3gf9-wv65-gwh9 · CVE-2024-48052

Published Nov 5, 2024 · Modified Nov 7, 2024

Description

In gradio <=4.42.0, the gr.DownloadButton function has a hidden server-side request forgery (SSRF) vulnerability. The reason is that within the save_url_to_cache function, there are no restrictions on the URL, which allows access to local target resources. This can lead to the download of local resources and sensitive information.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-48052
WEB https://gist.github.com/AfterSnows/45ffc23797f9127e00755376cc610e12
PACKAGE https://github.com/gradio-app/gradio
WEB https://rumbling-slice-eb0.notion.site/FULL-SSRF-in-gr-DownloadButton-in-gradio-app-gradio-870b21e0908b48cbafd914719ac1a4e6?pvs=4

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes