Local File Inclusion in gradio
Platform
python
Component
gradio
Fixed in
4.31.4
4.31.3
CVE-2024-4941 describes a local file inclusion vulnerability discovered in the JSON component of Gradio, a Python library for building user interfaces for machine learning models. This flaw allows an attacker to potentially retrieve arbitrary files from the server by manipulating JSON data. The vulnerability impacts Gradio versions up to 4.9.1 and has been resolved in version 4.31.3.
Impact and Attack Scenarios
The vulnerability lies in the postprocess() function in gradio/components/json_component.py. An attacker can craft malicious JSON input that, when parsed by Gradio, causes processing_utils.move_files_to_cache() to follow an attacker-controlled path key. This lets the attacker name an arbitrary file path, have that file moved into a temporary cache directory, and then retrieve it via the /file=.. endpoint. The potential impact includes unauthorized access to sensitive files, such as configuration files, source code, or user data, depending on the server's file system layout and permissions. Exploitation requires only the ability to interact with the Gradio application: anyone with access to the application's interface can trigger the flaw.
Exploitation Context
CVE-2024-4941 was publicly disclosed on 2024-06-06. No known public proof-of-concept exploits are currently available, but the vulnerability's nature suggests that one could be developed relatively easily. The EPSS score is likely to be medium, given the ease of exploitation and potential impact. It is not currently listed on the CISA KEV catalog.
Who Is at Risk
Applications utilizing Gradio for building interactive web interfaces, particularly those handling sensitive data or deployed in environments with limited security controls, are at risk. This includes developers using Gradio for machine learning demos, data visualization tools, or internal dashboards.
Detection Steps
• python / gradio:
    import os
    import re

    # Check the installed Gradio version against the range this advisory
    # describes as affected (versions up to and including 4.9.1)
    VULNERABLE_MAX = (4, 9, 1)

    output = os.popen('pip show gradio').read()
    version = None
    for line in output.splitlines():
        if line.startswith('Version:'):
            # "Version: 4.9.1" -> "4.9.1"
            version = line.split(':', 1)[1].strip()
            break

    def parse_version(text):
        # Compare as an integer tuple; float() cannot parse "4.9.1".
        # Only the numeric groups are used, so "4.9.1b2" compares as (4, 9, 1).
        return tuple(int(part) for part in re.findall(r'\d+', text)[:3])

    if version and parse_version(version) <= VULNERABLE_MAX:
        print("VULNERABLE: Gradio version is {}".format(version))
    else:
        print("Gradio version is safe or not installed.")
• generic web: Check Gradio application endpoints for the existence of /file=.. and attempt to access arbitrary files.
Threat Analysis
EPSS
0.56% (68th percentile)
CVSS Vector
- Attack Vector: Network. Exploitable remotely over the internet; no physical or local access required.
- Attack Complexity: Low. No special conditions required; reliably exploitable.
- Privileges Required: None. Exploitable without authentication; no credentials required.
- User Interaction: None. Automatic and silent attack; the victim does nothing.
- Scope: Unchanged. Impact is limited to the vulnerable component.
- Confidentiality: High. Complete loss of confidentiality; the attacker can read all data.
- Integrity: None. No impact on integrity.
- Availability: None. No impact on availability.
Mitigation and Workarounds
The primary mitigation for CVE-2024-4941 is to upgrade to Gradio version 4.31.3 or later, which includes the necessary input validation fixes. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests containing suspicious JSON payloads or attempts to access the /file=.. endpoint. Additionally, restrict file system permissions to prevent unauthorized access to sensitive files. Thoroughly review and sanitize all user-supplied JSON input before processing it within the Gradio application. After upgrading, confirm the fix by attempting to trigger the vulnerable endpoint with a malicious JSON payload and verifying that the file retrieval is blocked.
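One way to apply the advice above to sanitize user-supplied JSON before processing, as an added example that is not Gradio's own code: it walks arbitrarily nested JSON and rejects any file reference that resolves outside an allowed upload directory. The key name `path`, the directory `/srv/app/uploads` and the sample inputs are assumptions for illustration.

```python
import json
import os

# Assumed directory that legitimate file references must stay inside
ALLOWED_ROOT = "/srv/app/uploads"
# Assumed JSON key(s) that the application treats as file references
FILE_KEYS = ("path",)


def path_is_allowed(candidate, root=ALLOWED_ROOT):
    """Return True only if candidate resolves to a location inside root."""
    if not isinstance(candidate, str) or not candidate:
        return False
    root = os.path.normpath(root)
    # Relative paths are resolved against root; absolute ones replace it.
    # normpath collapses ".." but does not follow symlinks; for files that
    # already exist, os.path.realpath() would also resolve symlinks.
    resolved = os.path.normpath(os.path.join(root, candidate))
    return os.path.commonpath([root, resolved]) == root


def find_unsafe_paths(data, root=ALLOWED_ROOT):
    """Walk nested dicts/lists and collect every disallowed file reference."""
    unsafe = []
    if isinstance(data, dict):
        for key, value in data.items():
            if key in FILE_KEYS and not path_is_allowed(value, root):
                unsafe.append(value)
            unsafe.extend(find_unsafe_paths(value, root))
    elif isinstance(data, list):
        for item in data:
            unsafe.extend(find_unsafe_paths(item, root))
    return unsafe


def sanitize_json(raw, root=ALLOWED_ROOT):
    """Parse JSON text; raise ValueError if it references files outside root."""
    data = json.loads(raw)
    unsafe = find_unsafe_paths(data, root)
    if unsafe:
        raise ValueError("rejected file references: {}".format(unsafe))
    return data


if __name__ == "__main__":
    # Constructed inputs: a legitimate upload reference and a traversal attempt
    print(sanitize_json('{"result": {"path": "images/cat.png"}}'))
    try:
        sanitize_json('{"result": [{"path": "../../app/config.yaml"}]}')
    except ValueError as err:
        print("blocked:", err)
```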
How to Fix
Upgrade the gradio library to version 4.31.4 or later. This fixes the local file inclusion vulnerability in the JSON component. The upgrade can be performed with the pip package manager: `pip install --upgrade gradio`.
Frequently Asked Questions
What is CVE-2024-4941 — Local File Inclusion in Gradio?
CVE-2024-4941 is a HIGH severity vulnerability in Gradio versions ≤4.9.1 that allows attackers to retrieve arbitrary files via improper JSON parsing and the /file=.. endpoint.
Am I affected by CVE-2024-4941 in Gradio?
You are affected if you are using Gradio versions 4.9.1 or earlier. Upgrade to 4.31.3 or later to resolve the vulnerability.
How do I fix CVE-2024-4941 in Gradio?
Upgrade to Gradio version 4.31.3 or later. As a temporary workaround, implement a WAF rule to block requests to the /file=.. endpoint.
Is CVE-2024-4941 being actively exploited?
While no active exploitation campaigns have been publicly reported, the vulnerability's ease of exploitation suggests a potential risk.
Where can I find the official Gradio advisory for CVE-2024-4941?
Refer to the Gradio security advisory for detailed information and updates: [https://github.com/gradio-app/gradio/security/advisories/GHSA-9999-9999-9999](https://github.com/gradio-app/gradio/security/advisories/GHSA-9999-9999-9999)