mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
68 lines
3.4 KiB
JSON
68 lines
3.4 KiB
JSON
{
|
|
"id": "CVE-2024-1561",
|
|
"sourceIdentifier": "security@huntr.dev",
|
|
"published": "2024-04-16T00:15:08.887",
|
|
"lastModified": "2024-05-10T15:15:07.133",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se descubri\u00f3 un problema en gradio-app/gradio, donde el endpoint `/component_server` permite incorrectamente la invocaci\u00f3n de cualquier m\u00e9todo en una clase `Component` con argumentos controlados por el atacante. Espec\u00edficamente, al explotar el m\u00e9todo `move_resource_to_block_cache()` de la clase `Block`, un atacante puede copiar cualquier archivo en el sistema de archivos a un directorio temporal y posteriormente recuperarlo. Esta vulnerabilidad permite el acceso de lectura de archivos locales no autorizados, lo que representa un riesgo significativo, especialmente cuando la aplicaci\u00f3n est\u00e1 expuesta a Internet a trav\u00e9s de \"launch(share=True)\", lo que permite a atacantes remotos leer archivos en la m\u00e1quina host. Adem\u00e1s, las aplicaciones de gradio alojadas en `huggingface.co` tambi\u00e9n se ven afectadas, lo que podr\u00eda provocar la exposici\u00f3n de informaci\u00f3n confidencial, como claves API y credenciales almacenadas en variables de entorno."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "security@huntr.dev",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "security@huntr.dev",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-29"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/gradio-app/gradio/commit/24a583688046867ca8b8b02959c441818bdb34a2",
|
|
"source": "security@huntr.dev"
|
|
},
|
|
{
|
|
"url": "https://huntr.com/bounties/4acf584e-2fe8-490e-878d-2d9bf2698338",
|
|
"source": "security@huntr.dev"
|
|
},
|
|
{
|
|
"url": "https://www.gradio.app/changelog#4-13-0",
|
|
"source": "security@huntr.dev"
|
|
}
|
|
]
|
|
} |