Server-Side Request Forgery (SSRF) in Gradio - CVE-2024-47167
Published: October 10, 2024 / Updated: April 28, 2026
Gradio
Detailed vulnerability description
The vulnerability allows a remote attacker to perform server-side request forgery.
The vulnerability exists due to improper control of outbound requests in the async_save_url_to_cache function, reached through the /queue/join endpoint, when it processes a user-controlled URL path parameter. A remote attacker can supply a crafted URL to perform server-side request forgery.
Exploitation can target internal servers or services, and the fetched content is stored locally on the server. Applications using components that fetch URLs, such as the Video component, are affected.
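The mitigation a defender wants in front of a URL-to-cache fetch like async_save_url_to_cache is an outbound-URL validator that rejects non-HTTP schemes, embedded credentials, and any hostname resolving to a loopback, private, link-local or otherwise non-public address. The following is an added example and not Gradio's own code; the function names and the injectable `resolver` parameter are hypothetical, chosen so the checks can be exercised offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse


class UnsafeURLError(ValueError):
    """Raised when a user-supplied URL must not be fetched server-side."""


def validate_outbound_url(url: str, resolver=socket.getaddrinfo) -> str:
    """Return `url` if it is safe to fetch; raise UnsafeURLError otherwise.

    `resolver` (hypothetical parameter) defaults to socket.getaddrinfo and is
    injectable so the checks can be exercised without network access.
    """
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        raise UnsafeURLError(f"scheme not allowed: {parsed.scheme!r}")
    if parsed.username or parsed.password:
        raise UnsafeURLError("credentials embedded in URL")
    host = parsed.hostname
    if not host:
        raise UnsafeURLError("missing host")
    port = parsed.port or (443 if parsed.scheme == "https" else 80)
    try:
        infos = resolver(host, port, proto=socket.IPPROTO_TCP)
    except (socket.gaierror, ValueError) as exc:
        raise UnsafeURLError(f"cannot resolve {host!r}: {exc}") from exc
    # Reject if ANY address the host maps to is non-public (loopback, RFC 1918,
    # link-local, CGNAT, reserved); one public A record is not enough.
    # To resist DNS rebinding, the fetcher should connect to an address
    # validated here rather than resolving the hostname a second time.
    for info in infos:
        addr = info[4][0].split("%")[0]  # drop IPv6 zone id, e.g. fe80::1%eth0
        ip = ipaddress.ip_address(addr)
        if not ip.is_global:
            raise UnsafeURLError(f"{host!r} resolves to non-public {ip}")
    return url


def is_safe_outbound_url(url: str, resolver=socket.getaddrinfo) -> bool:
    """Boolean wrapper for use at the request boundary."""
    try:
        validate_outbound_url(url, resolver)
        return True
    except UnsafeURLError:
        return False
```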