Platform
python
Component
rembg
Fixed in
2.0.58
CVE-2025-25301 describes an Information Disclosure vulnerability in Rembg, a background removal tool. The flaw lets an attacker view images hosted on the internal network of a Rembg server by abusing the /api/remove endpoint. It affects Rembg versions up to and including 2.0.57; a fix is available in version 2.0.58.
The primary impact of CVE-2025-25301 is unauthorized access to internal images. An attacker supplies a crafted URL in the query parameter of the /api/remove endpoint, causing the server to fetch and process images from internal network resources (a server-side request forgery). This can expose sensitive data contained in those images, such as internal documents, confidential files, or proprietary designs. The blast radius is limited to the internal network reachable from the Rembg server, but the potential for data exposure remains significant, particularly in environments where internal resources are not adequately segmented.
CVE-2025-25301 was publicly disclosed on 2025-03-03. There is no indication of active exploitation or KEV listing at the time of writing. Public proof-of-concept code is not currently available, but the vulnerability's nature makes it relatively straightforward to exploit. The EPSS score is likely to be medium, given the ease of exploitation and potential impact.
Exploit Status
EPSS: 0.06% (18th percentile)
The recommended mitigation for CVE-2025-25301 is to immediately upgrade Rembg to version 2.0.58 or later. If upgrading is not immediately feasible, consider implementing a temporary workaround by restricting network access to the Rembg server. Specifically, limit its ability to access internal network resources. Additionally, implement input validation on the /api/remove endpoint to prevent malicious URL query parameters. Monitoring network traffic for unusual requests to the /api/remove endpoint can also help detect potential exploitation attempts. After upgrading, confirm the fix by attempting to access internal images through the /api/remove endpoint and verifying that access is denied.
Update the Rembg library to a version later than 2.0.57. This will fix the SSRF vulnerability in the /api/remove endpoint. Consider implementing URL validation or whitelists to restrict the domains that can be accessed through the background removal function.
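The two mitigations above (URL validation with an allowlist for the fetch endpoint, and monitoring of requests to /api/remove) are illustrated in the added example below. It is not code from the advisory or from the rembg project: the function names, the access-log format, the fake DNS table and every sample URL are constructed for this example. The check resolves the requested hostname and rejects anything that lands on a private, loopback, link-local or otherwise non-global address, optionally restricts the host to an allowlist, and the same check is then run over sample log lines to flag requests that would have targeted internal addresses.

```python
"""Added example (not part of the advisory or of rembg): an allowlist-plus-private-range
URL check for a URL-fetching endpoint such as /api/remove, and a log scan that flags
requests whose target fails that check. All names, log lines and values are constructed."""
import ipaddress
import socket
from typing import Callable, Iterable, List, Optional, Set, Tuple
from urllib.parse import parse_qs, urlparse

ALLOWED_SCHEMES = {"http", "https"}


def _is_internal(ip_text: str) -> bool:
    """True for any address that should never be fetched on behalf of a client."""
    ip = ipaddress.ip_address(ip_text)
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def validate_fetch_url(url: str,
                       allowed_hosts: Optional[Set[str]] = None,
                       resolve: Callable[[str], str] = socket.gethostbyname) -> Tuple[bool, str]:
    """Return (ok, reason). `resolve` maps a hostname to an IPv4 string and is injectable so
    the check can run offline. Note: the fetch that follows must connect to the address
    validated here (not resolve the name a second time), otherwise a DNS rebinding between
    check and fetch would bypass the check."""
    try:
        parts = urlparse(url)
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    if allowed_hosts is not None and host.lower() not in allowed_hosts:
        return False, f"host {host!r} not on allowlist"
    try:
        ipaddress.ip_address(host)          # literal IPv4/IPv6 host: check it directly
        addr = host
    except ValueError:
        try:
            addr = resolve(host)            # hostname: check what it resolves to
        except OSError:
            return False, f"cannot resolve {host!r}"
    if _is_internal(addr):
        return False, f"{host!r} resolves to internal address {addr}"
    return True, "ok"


def flag_suspicious_requests(log_lines: Iterable[str], **check_kwargs) -> List[Tuple[str, str]]:
    """Return (line, reason) for /api/remove requests whose url= parameter fails the check.
    Constructed log format: '<client> "GET <path> HTTP/1.1" <status>'."""
    flagged = []
    for line in log_lines:
        try:
            request_line = line.split('"')[1]
            path = request_line.split()[1]
        except IndexError:
            continue                        # not a request line we understand
        parsed = urlparse(path)
        if parsed.path != "/api/remove":
            continue
        for target in parse_qs(parsed.query).get("url", []):
            ok, reason = validate_fetch_url(target, **check_kwargs)
            if not ok:
                flagged.append((line, reason))
    return flagged


# Constructed DNS table so the example runs offline; 93.184.216.34 stands in for a public host.
FAKE_DNS = {"images.example.com": "93.184.216.34", "intranet.local": "10.1.2.3"}


def fake_resolve(name: str) -> str:
    try:
        return FAKE_DNS[name]
    except KeyError:
        raise socket.gaierror(f"constructed resolver: unknown host {name!r}")


# Constructed access-log sample: one legitimate fetch, two internal targets, one unrelated request.
SAMPLE_LOG = [
    '203.0.113.7 "GET /api/remove?url=https%3A%2F%2Fimages.example.com%2Fcat.png HTTP/1.1" 200',
    '203.0.113.7 "GET /api/remove?url=http%3A%2F%2F10.0.0.5%2Fdocs%2Fplan.png HTTP/1.1" 200',
    '203.0.113.7 "GET /api/remove?url=http%3A%2F%2F127.0.0.1%2Fimg.png HTTP/1.1" 200',
    '203.0.113.7 "GET /health HTTP/1.1" 200',
]


def demo() -> List[Tuple[str, str]]:
    return flag_suspicious_requests(SAMPLE_LOG, resolve=fake_resolve)


if __name__ == "__main__":
    for line, reason in demo():
        print(f"FLAGGED ({reason}): {line}")
```

The allowlist is the stronger control: if the deployment only ever needs images from known hosts, pass `allowed_hosts` and the private-range check becomes defence in depth. The log scan only catches what the access log records, so it is a detection aid for the workaround period, not a substitute for the upgrade.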
CVE-2025-25301 is a HIGH severity vulnerability in Rembg versions 2.0.57 and earlier that allows attackers to view images hosted on the server’s internal network through the /api/remove endpoint.
You are affected if you are using Rembg version 2.0.57 or earlier. Upgrade to version 2.0.58 or later to mitigate the risk.
Upgrade Rembg to version 2.0.58 or later. As a temporary workaround, restrict network access to the Rembg server and implement input validation on the /api/remove endpoint.
There is currently no evidence of active exploitation, but the vulnerability's nature makes it relatively easy to exploit.
Refer to the Rembg project's official channels (e.g., GitHub repository, project website) for the latest advisory and updates regarding CVE-2025-25301.