
AVID-2026-R1540

Description

One-level read path traversal in /custom_component in Gradio (CVE-2024-47166)

Details

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the /custom_component endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the request. Although the traversal is limited to a single directory level, it could expose proprietary or sensitive code that developers intended to keep private. This impacts users who have developed custom Gradio components and are hosting them on publicly accessible servers. Users are advised to upgrade to gradio>=4.44 to address this issue. As a workaround, developers can sanitize the file paths and ensure that components are not stored in publicly accessible directories.
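The workaround named above (sanitizing file paths before serving them) as an added illustration, not code from Gradio or from this advisory: a containment check that resolves a requested component file against its base directory and refuses anything that lands outside it, including the single `..` level this CVE concerns. The base directory and the sample requests are constructed assumptions.

```python
from pathlib import Path
from typing import Optional

# Constructed base directory for this example; where a deployment actually keeps
# custom components is an assumption, not taken from the advisory.
COMPONENTS_DIR = "/srv/gradio_components"


def resolve_component_file(base_dir: str, requested: str) -> Optional[str]:
    """Map a client-supplied relative path onto a file inside base_dir.

    Returns the resolved absolute path as a string, or None when the request
    must be refused: it is absolute, or after collapsing '..' segments and
    following symlinks it lands outside base_dir. A single '..' (the one-level
    traversal in CVE-2024-47166) is rejected the same way as a deeper one.
    """
    base = Path(base_dir).resolve()
    req = Path(requested)
    # An absolute request would discard base_dir entirely; refuse it up front.
    if req.is_absolute():
        return None
    # resolve() collapses '..' and follows existing symlinks, so the containment
    # check sees the real target rather than the string the client sent.
    candidate = (base / req).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        return None
    return str(candidate)


def is_safe_component_path(base_dir: str, requested: str) -> bool:
    """Boolean form of the check, convenient for request validation."""
    return resolve_component_file(base_dir, requested) is not None


if __name__ == "__main__":
    # Constructed sample requests: one legitimate, three that must be refused.
    for req in ("my_component/index.js", "../app.py", "sub/../../config.py", "/etc/hostname"):
        print(f"{req!r:>24} -> {resolve_component_file(COMPONENTS_DIR, req)}")
```

Comparing the resolved candidate against the resolved base (rather than string-prefix matching on the raw request) is what makes the check hold when the components directory itself sits behind a symlink.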

Reason for inclusion in AVID: CVE-2024-47166 describes a one-level path traversal vulnerability in Gradio’s /custom_component endpoint that allows leaking source code from custom components. Gradio is a Python library frequently used to build AI demos and pipelines, and is a dependency in AI software stacks for UI, components, and model-serving interfaces. This is a software vulnerability in a component used to build/deploy AI systems, i.e., a potential supply-chain aspect of general-purpose AI software. The vulnerability is security-related (path traversal leading to potential data/code exposure) and the report provides sufficient evidence (CVE entry, impact, remediation).

References

Affected or Relevant Artifacts

  • Developer: gradio-app
  • Deployer: gradio-app
  • Artifact Details:
    Type    Name
    System  gradio

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CWE

ID      Description
CWE-22  CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2024-10-10
  • Version: 0.3.3
  • AVID Entry