Server-Side Request Forgery (SSRF) in Gradio - CVE-2024-47167

Published: October 10, 2024 / Updated: April 28, 2026

Vulnerability identifier: #VU128291
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-47167
CWE-ID: CWE-918
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Gradio
Affected software: Gradio

Detailed vulnerability description

The vulnerability allows a remote attacker to perform server-side request forgery.

The vulnerability exists because the async_save_url_to_cache function, reached through the /queue/join endpoint, fetches a user-controlled URL path parameter without restricting where outbound requests may go. A remote attacker can supply a crafted URL and make the server issue the request on their behalf (server-side request forgery).

Such requests can reach internal servers or services, and the fetched content is stored locally in the cache. Applications using components that fetch URLs, such as the Video component, are affected.
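An added defensive example, not Gradio's code or the vendor's fix, of the kind of outbound-destination check the description calls for: before a cache-saving fetch, the URL scheme and every address its host resolves to are validated. `is_safe_fetch_url`, `make_resolver` and the SAMPLE_DNS table are constructed here for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlparse


def _is_public_ip(ip: str) -> bool:
    """True only for addresses outside loopback, private, link-local (including the
    169.254.0.0/16 metadata range), multicast, reserved and unspecified blocks."""
    try:
        addr = ipaddress.ip_address(ip.split("%")[0])  # drop any IPv6 zone id
    except ValueError:
        return False
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def is_safe_fetch_url(url: str, resolver=socket.getaddrinfo) -> bool:
    """Hypothetical allow-check to run before a server fetches a user-supplied URL.
    Accepts only http(s) URLs whose host resolves exclusively to public addresses.
    `resolver` has the socket.getaddrinfo shape and is injectable for offline use."""
    try:
        parsed = urlparse(url)
        port = parsed.port or (443 if parsed.scheme == "https" else 80)
    except ValueError:  # malformed netloc or non-numeric port
        return False
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return False
    try:
        infos = resolver(parsed.hostname, port, proto=socket.IPPROTO_TCP)
    except (socket.gaierror, UnicodeError):
        return False
    addrs = {info[4][0] for info in infos}
    # every resolved address must be public; a mixed answer is rejected outright
    return bool(addrs) and all(_is_public_ip(a) for a in addrs)


def make_resolver(table):
    """Constructed offline stand-in for socket.getaddrinfo (sample data, not real DNS)."""
    def resolver(host, port, proto=0):
        try:
            ips = [str(ipaddress.ip_address(host))]  # numeric host literal
        except ValueError:
            ips = table.get(host, [])
        if not ips:
            raise socket.gaierror(f"cannot resolve {host}")
        return [(socket.AF_UNSPEC, socket.SOCK_STREAM, proto, "", (ip, port)) for ip in ips]
    return resolver


# Constructed sample zone: a public host, an internal host, a mixed answer, and localhost.
SAMPLE_DNS = make_resolver({
    "cdn.example": ["93.184.216.34"],
    "intranet.example": ["10.0.0.5"],
    "mixed.example": ["93.184.216.34", "127.0.0.1"],
    "localhost": ["127.0.0.1"],
})
```

The same check must also be applied to the address the fetch actually connects to, since a host whose answer changes between the lookup and the connection would otherwise pass.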


How to mitigate CVE-2024-47167

Install the security update from the vendor's website.

Sources