Vulnerability Details CVE-2024-2206
An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and `/config` routes, allowing the addition of arbitrary URLs for proxying. This flaw enables unauthorized proxying of requests and potential access to internal endpoints within the Hugging Face space. The issue arises from the application's inadequate checking of safe URLs in the `build_proxy_request` function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.8%
CVSS Severity
CVSS v3 Score 7.3
References
Products affected by CVE-2024-2206
-
cpe:2.3:a:gradio_project:gradio:3.47.1
-
cpe:2.3:a:gradio_project:gradio:3.48.0
-
cpe:2.3:a:gradio_project:gradio:3.49.0
-
cpe:2.3:a:gradio_project:gradio:3.50.0
-
cpe:2.3:a:gradio_project:gradio:3.50.1
-
cpe:2.3:a:gradio_project:gradio:3.50.2
-
cpe:2.3:a:gradio_project:gradio:4.0.0
-
cpe:2.3:a:gradio_project:gradio:4.0.1
-
cpe:2.3:a:gradio_project:gradio:4.0.2
-
cpe:2.3:a:gradio_project:gradio:4.1.0
-
cpe:2.3:a:gradio_project:gradio:4.1.1
-
cpe:2.3:a:gradio_project:gradio:4.1.2
-
cpe:2.3:a:gradio_project:gradio:4.10.0
-
cpe:2.3:a:gradio_project:gradio:4.11.0
-
cpe:2.3:a:gradio_project:gradio:4.12.0
-
cpe:2.3:a:gradio_project:gradio:4.13.0
-
cpe:2.3:a:gradio_project:gradio:4.14.0
-
cpe:2.3:a:gradio_project:gradio:4.15.0
-
cpe:2.3:a:gradio_project:gradio:4.16.0
-
cpe:2.3:a:gradio_project:gradio:4.17.0
-
cpe:2.3:a:gradio_project:gradio:4.2.0
-
cpe:2.3:a:gradio_project:gradio:4.3.0
-
cpe:2.3:a:gradio_project:gradio:4.4.0
-
cpe:2.3:a:gradio_project:gradio:4.4.1
-
cpe:2.3:a:gradio_project:gradio:4.5.0
-
cpe:2.3:a:gradio_project:gradio:4.6.0
-
cpe:2.3:a:gradio_project:gradio:4.7.0
-
cpe:2.3:a:gradio_project:gradio:4.8.0
-
cpe:2.3:a:gradio_project:gradio:4.9.0
-
cpe:2.3:a:gradio_project:gradio:4.9.1