Platform
python
Component
label-studio
Fixed in
1.16.1
1.16.0
CVE-2025-25297 describes a Server-Side Request Forgery (SSRF) vulnerability found in Label Studio's S3 storage integration. This flaw allows attackers to manipulate the application into sending HTTP requests to arbitrary internal services by crafting malicious S3 endpoint URLs. The vulnerability impacts Label Studio versions 1.9.2.post0 and earlier; upgrading to version 1.16.0 resolves the issue.
The SSRF vulnerability in Label Studio allows an attacker to bypass security controls and potentially access sensitive internal resources. By specifying a malicious S3 endpoint URL, an attacker can trick Label Studio into making requests to internal services that are not directly exposed to the internet. This could lead to data exfiltration, privilege escalation, or even remote code execution if the targeted internal service is vulnerable. The blast radius extends to any internal service accessible via HTTP, potentially compromising the entire internal network. This vulnerability shares similarities with other SSRF exploits where attackers leverage trusted applications to probe and access internal infrastructure.
CVE-2025-25297 was publicly disclosed on 2025-02-14. The vulnerability is not currently listed on CISA KEV, and an EPSS score is pending evaluation. No public proof-of-concept exploits have been identified at the time of writing, but the SSRF nature of the vulnerability makes it likely that exploits will emerge. Monitor security advisories and threat intelligence feeds for updates.
Organizations utilizing Label Studio for data annotation and labeling, particularly those with sensitive internal services accessible via HTTP, are at risk. Environments with misconfigured S3 endpoints or insufficient network segmentation are especially vulnerable. Shared hosting environments running Label Studio should be carefully reviewed for potential exposure.
• python / server:
# Check whether the installed Label Studio package is in the affected range (1.9.0 through 1.9.2.post0)
pip show label-studio | grep -iE '^version: 1\.9\.[0-2](\.post0)?$'
• generic web:
# Check for S3 endpoint configuration in Label Studio settings (if accessible); fetch the body, not just the headers
curl -s http://<label-studio-host>/settings/storage | grep 's3_endpoint='
Exploit status
EPSS
0.05% (16th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-25297 is to upgrade Label Studio to version 1.16.0 or later, which includes the necessary fixes. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict network access to the Label Studio server to only allow connections to authorized S3 endpoints. Implement strict input validation on the s3_endpoint parameter to prevent attackers from injecting malicious URLs. Consider using a Web Application Firewall (WAF) to filter out requests with suspicious S3 endpoint URLs. After upgrading, confirm the fix by attempting to create an S3 connection with a known malicious endpoint URL; the connection should fail with an appropriate error message.
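The input validation described above, as an added example that is not Label Studio's own code: a check for a user-supplied S3 endpoint URL that accepts only http(s), only hosts on an operator-maintained allow-list (the `ALLOWED_HOSTS` set here is a hypothetical placeholder), and only hosts that resolve to globally routable addresses, so loopback, RFC 1918 and link-local targets such as the cloud metadata address are refused. The `resolve` parameter is an assumption added so the check can be tested without DNS.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical allow-list of endpoint hosts the operator trusts; not a Label Studio setting.
ALLOWED_HOSTS = {"s3.amazonaws.com", "minio.storage.example"}


def _default_resolve(host):
    """Resolve a hostname to the set of IP addresses it currently points at."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_safe_s3_endpoint(url, allowed_hosts=ALLOWED_HOSTS, resolve=_default_resolve):
    """Return True only if `url` is an http(s) endpoint whose host is on the
    allow-list and resolves exclusively to globally routable addresses.

    Rejects loopback, private (RFC 1918), link-local (including 169.254.169.254),
    multicast and reserved ranges, so a stored endpoint cannot steer the storage
    client at services that are reachable only from inside the network.
    """
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    if parts.username or parts.password:
        return False  # credentials embedded in an endpoint URL are never expected
    host = parts.hostname.lower()
    if host not in allowed_hosts:
        return False
    try:
        addrs = resolve(host)
    except (socket.gaierror, OSError):
        return False  # unresolvable hosts are rejected rather than retried later
    if not addrs:
        return False
    for addr in addrs:
        # Strip an IPv6 zone id (e.g. "fe80::1%eth0") before parsing.
        ip = ipaddress.ip_address(addr.split("%")[0])
        if not ip.is_global:
            return False
    return True
```

The address seen here can differ from the one the HTTP client sees moments later (DNS rebinding), so for full coverage the storage client should also pin the resolved addresses or re-apply the same check at connection time.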
Update Label Studio to version 1.16.0 or higher. This version contains a fix for the SSRF vulnerability. The update prevents attackers from exploiting the vulnerability to access internal services.
CVE-2025-25297 is a Server-Side Request Forgery vulnerability in Label Studio versions up to 1.9.2.post0, allowing attackers to make the application send requests to arbitrary internal services.
If you are running Label Studio version 1.9.2.post0 or earlier, you are potentially affected by this vulnerability.
Upgrade Label Studio to version 1.16.0 or later to resolve the SSRF vulnerability. Implement temporary workarounds if immediate upgrade is not possible.
No public exploits have been identified, but the SSRF nature of the vulnerability makes exploitation likely. Monitor security advisories.
Refer to the Label Studio security advisories on their official website or GitHub repository for the latest information.