Comments (7)
Hi @refiller this issue has been fixed as part of #7503
Also your security team e-mail ([email protected]) did not work
Where did you see this email? This has been replaced with: [email protected]
from gradio.
Hello, that e-mail can be found here https://github.com/gradio-app/gradio/blob/main/SECURITY.md
It's good to hear it's been fixed, is it part of any release yet? It seems like the CVE record thinks even the latest version is still vulnerable.
from gradio.
Yes I’ll issue a CVE advisory but it’s fixed in the latest version: 4.31.4, as well as many older versions
from gradio.
An advisory would be really helpful, thank you!
And thanks for the information too!
from gradio.
Hi @refiller I looked into this and actually the CVE in question is a little unclear. If its referring to GHSA-48cq-79qq-6f7x, then indeed that issue has been patched since gradio==4.19.2
and we have a published advisory for it.
If on the other hand, its referring to users being able to upload arbitrary files to a Gradio app that includes a file upload component (such as gr.File
or gr.UploadButton
), then this is indeed intentional and would be classified as a "won't fix". This would be similar to a Flask app or FastAPI app accepting any files to be uploaded in a general upload route.
from gradio.
Hello @abidlabs
https://nvd.nist.gov/vuln/detail/CVE-2023-41626 is the one I'm referring to, and it looks like that's the "won't fix" one.
The gist https://gist.github.com/impose1/590472eb0544ef1ec36c8a5a40122adb (apparently that's all it takes to report a vuln) says this:
Gradio v3.27.0 was discovered to contain an arbitrary file upload,Uploading files to the/tmp directory may result in malicious access to website permissions if there are file containing vulnerabilities in other sites on the server.
I'm trying to understand why the author thought this was a High vulnerability.
- What is the problem with this? Can Gradio be tricked into executing something in the /tmp directory or something?
- I don't see a problem with gradio allowing arbitrary file uploads (plenty of things support this)
- I might see the author's point if the server admin could unexpectedly cause an arbitrary code execution situation, as in, if Gradio auto-executes anything in /tmp
- I would not consider it a vulnerability if Gradio e.g. allowed somebody to upload a python file, and then the admin put code in to execute it. That's not Gradio's fault, that's the person using Gradio's fault.
from gradio.
That's an excellent question for the author of that CVE
What is the problem with this? Can Gradio be tricked into executing something in the /tmp directory or something?
Not as far as I know. If a security researcher finds this, and can provide us a PoC, we would treat this as a high-priority security vulnerability
I don't see a problem with gradio allowing arbitrary file uploads (plenty of things support this)
I might see the author's point if the server admin could unexpectedly cause an arbitrary code execution situation, as in, if Gradio auto-executes anything in /tmp
I would not consider it a vulnerability if Gradio e.g. allowed somebody to upload a python file, and then the admin put code in to execute it. That's not Gradio's fault, that's the person using Gradio's fault.
Agreed with these points
from gradio.
Related Issues (20)
- Update/add documentation for `handle_file` in JS Client
- ImportError: cannot import name 'CommitOperationAdd' from 'huggingface_hub' HOT 1
- Issues with Gradio ImageMask HOT 1
- How to use tool="sketch" in gradio 4.x? HOT 4
- Running `gradio cc dev --host x.x.x.x` on a remote machine does not work.
- Incorrect monitoring URL when using the root_path parameter
- Error when using js for event listeners HOT 1
- Audio component waveform slow rendering HOT 1
- [Gradio Client] cannot pass keyword arguments HOT 6
- ChatBot API documentation does not use keyword argument syntyax HOT 3
- 'use via API' page should (could?) use live values HOT 1
- `@gradio/client` iterator doesn't fully finish (i think)
- Cancelled generators do only get closed after gradio exits. HOT 3
- Use cookies to persist monitoring URL token
- Data event return empty data object in JS client HOT 1
- Redirect to the specified URL HOT 1
- nude girl
- Add 'enable_monitoring' to `gr.mount_gradio_app()`
- How to get uploaded image and if user draws a mask get it as a gray mask from ImageEditor HOT 2
- client <-> server function id mismatch when rendering within sub-blocks HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gradio.