CVE-2024-4325

CVE

High

A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` en…

CVSS

8.6

High

EPSS

0.37

p98

Published

2024-01-01

Updated

2024-01-01

Description

A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint, thereby compromising the security of internal servers.

Tags · CWE

Pre-auth

CWE-918

CAPEC-664

Affected products

Gradio < 4.41.0

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Timeline

2024-01-01

Published

2024-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: C

Changed (C)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: N

None (N)

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.374 · p98

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Gradio_project

Gradio

Product	Vendor	Status
gradio	*	Tracked

Source databases

CVE