MEDIUM 6.5

GHSA-3gf9-wv65-gwh9

gradio Server Side Request Forgery vulnerability

Details

In gradio <=4.42.0, the gr.DownloadButton function has a hidden server-side request forgery (SSRF) vulnerability. The reason is that within the save_url_to_cache function, there are no restrictions on the URL, which allows access to local target resources. This can lead to the download of local resources and sensitive information.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / gradio

Introduced in: 0

No fixed version published yet for gradio (pip). Pin to a known-safe version or switch to an alternative.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-48052 [ADVISORY]
https://gist.github.com/AfterSnows/45ffc23797f9127e00755376cc610e12 [WEB]
https://github.com/gradio-app/gradio [PACKAGE]
https://rumbling-slice-eb0.notion.site/FULL-SSRF-in-gr-DownloadButton-in-gradio-app-gradio-870b21e0908b48cbafd914719ac1a4e6?pvs=4 [WEB]