
AVID-2026-R1389

Description

SSRF in langgenius/dify (CVE-2024-12775)

Details

langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the test functionality of the Create Custom Tool option, reached via the REST API endpoint POST /console/api/workspaces/current/tool-provider/api/test/pre. An attacker can set the url field of the servers entries in the OpenAPI schema to an arbitrary target, causing the Dify server to issue the test request itself and allowing the attacker to abuse the server's credentials and network position to reach web resources they are not authorized to access.

Reason for inclusion in AVID: CVE-2024-12775 describes a Server-Side Request Forgery (SSRF) in langgenius/dify v0.10.1, a tool/framework used for AI tooling and integration. The vulnerability resides in a REST API endpoint used to test custom tools, allowing an attacker to supply arbitrary URLs and abuse the server’s credentials to access internal resources. This directly concerns AI tooling/framework software and can impact AI pipelines, serving stacks, and related dependencies. Therefore, it is a software supply-chain vulnerability within components used to build/run general-purpose AI systems, and it is a CVE-style security vulnerability with clear exploitation potential.
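The weakness described above is that a user-controlled `servers[].url` from an uploaded OpenAPI schema is fetched by the server without checking where it points. The following is an added example, not code from the Dify project, of the validation a tool-test endpoint should perform before issuing any request: it expands OpenAPI server variables to their defaults, allows only http/https, and rejects any hostname that resolves to a loopback, private, link-local, multicast, reserved or unspecified address. The `FAKE_DNS` table and the `fake_resolve` function are constructed so the example runs offline; the hostnames in it are hypothetical.

```python
"""Reject OpenAPI ``servers`` URLs that would make a server-side tool-test
request reach internal or loopback hosts (added example; not Dify code)."""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


class UnsafeServerUrl(ValueError):
    """Raised when a server URL must not be fetched on the user's behalf."""


def resolve_hostname(host):
    """Resolve a hostname to every address it maps to (real DNS lookup)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


# Constructed DNS table so the example runs offline; hypothetical names.
# Note: Python's ipaddress treats documentation ranges such as 203.0.113.0/24
# as non-public, so a globally routable address is used for the "good" host.
FAKE_DNS = {
    "api.example.com": ["93.184.216.34"],
    "intranet.corp.example": ["10.0.0.5"],
    "localhost": ["127.0.0.1", "::1"],
}


def fake_resolve(host):
    """Offline stand-in for resolve_hostname; unknown names are rejected."""
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise UnsafeServerUrl(f"unresolvable host: {host}") from None


def is_public_address(addr):
    """True only for globally routable unicast addresses."""
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def validate_server_url(url, resolve=resolve_hostname):
    """Return the URL if its scheme and every resolved address are acceptable."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise UnsafeServerUrl(f"scheme not allowed: {url}")
    host = parts.hostname
    if not host:
        raise UnsafeServerUrl(f"missing host: {url}")
    try:
        addrs = [ipaddress.ip_address(host)]  # literal IPv4/IPv6 in the URL
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    for addr in addrs:
        if not is_public_address(addr):
            raise UnsafeServerUrl(f"{host} resolves to non-public {addr}")
    return url


def expand_server_template(server):
    """Substitute OpenAPI server variables ({name}) with their defaults."""
    url = server["url"]
    for name, spec in server.get("variables", {}).items():
        url = url.replace("{" + name + "}", str(spec["default"]))
    if "{" in url or "}" in url:
        raise UnsafeServerUrl(f"unresolved template variable in {url}")
    return url


def check_openapi_servers(schema, resolve=resolve_hostname):
    """Validate every servers[].url in an OpenAPI document; return the
    expanded URLs that passed, or raise UnsafeServerUrl on the first bad one."""
    servers = schema.get("servers", [])
    if not isinstance(servers, list):
        raise UnsafeServerUrl("servers must be a list")
    checked = []
    for server in servers:
        if not isinstance(server, dict) or "url" not in server:
            raise UnsafeServerUrl("each server entry needs a url")
        checked.append(validate_server_url(expand_server_template(server), resolve))
    return checked


def is_rejected(schema, resolve=resolve_hostname):
    """Convenience wrapper: True if the schema's servers fail validation."""
    try:
        check_openapi_servers(schema, resolve)
    except UnsafeServerUrl:
        return True
    return False
```

Two caveats apply when wiring this into a real endpoint. The check resolves the hostname at validation time, so the HTTP client must connect to the address that was validated rather than resolving again (otherwise a record that changes between the two lookups bypasses the check), and any redirect the test request follows must be passed through `validate_server_url` before it is followed.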

References

Affected or Relevant Artifacts

  • Developer: langgenius
  • Deployer: langgenius
  • Artifact Details:
      • Type: System
      • Name: langgenius/dify

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

  • Version: 3.0
  • Vector String: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Base Score: 6.5
  • Base Severity: 🟠 Medium
  • Attack Vector: NETWORK
  • Attack Complexity: 🟢 Low
  • Privileges Required: 🟢 Low
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: 🔴 High
  • Integrity Impact: NONE
  • Availability Impact: NONE

CWE

  • CWE-918: Server-Side Request Forgery (SSRF)

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2025-03-20
  • Version: 0.3.3
  • AVID Entry