CVE-2024-47167: Gradio vulnerable to SSRF in the path parameter of /queue/join
(updated )
What kind of vulnerability is it? Who is impacted?
This vulnerability relates to Server-Side Request Forgery (SSRF) in the /queue/join
endpoint. Gradio’s async_save_url_to_cache
function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target internal servers or services within a local network and possibly exfiltrate data or cause unwanted internal requests. Additionally, the content from these URLs is stored locally, making it easier for attackers to upload potentially malicious files to the server. This impacts users deploying Gradio servers that use components like the Video component which involve URL fetching.
References
Detect and mitigate CVE-2024-47167 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →