Local File Inclusion in JSON component in gradio-app/gradio

A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as JSON. If the parsed JSON object contains a `path` key, the specified file is moved to a temporary directory, making it possible to retrieve it later via the `/file=..` endpoint. This issue is due to the `processing_utils.move_files_to_cache()` function traversing any object passed to it, looking for a dictionary with a `path` key, and then copying the specified file to a temporary directory. The vulnerability can be exploited by an attacker to read files on the remote system, posing a significant security risk.

N/A

对路径名的限制不恰当(路径遍历)

Gradio 输入验证错误漏洞

Gradio是一个开源 Python 库，是通过友好的 Web 界面演示机器学习模型的方法。 Gradio 4.25 版本存在输入验证错误漏洞，该漏洞源于 postprocess 函数中输入验证不当，其中 path 字段可以通过 ../ 遍历路径。

N/A

N/A