Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information. Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Gradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret
Vulnerability Description
Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are used. When a user visits `/login/huggingface`, the server retrieves its own Hugging Face access token via `huggingface_hub.get_token()` and stores it in the visitor's session cookie. If the application is network-accessible, any remote attacker can trigger this flow to steal the server owner's HF token. The session cookie is signed with a hardcoded secret derived from the string `"-v4"`, making the payload trivially decodable. Version 6.6.0 fixes the issue.
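An added pre-deployment check, as example code that is not from the advisory or the Gradio project: it evaluates the preconditions described above for one host (affected version range, running outside Hugging Face Spaces, an OAuth component in use, and a token on the host that the mocked login could hand out). The `SPACE_ID` variable and the token locations are assumptions about how Gradio and `huggingface_hub.get_token()` behave, not facts stated in the advisory.

```python
from __future__ import annotations
import os
import re
from pathlib import Path

# Version bounds taken from the advisory: affected from 4.16.0, fixed in 6.6.0.
AFFECTED_MIN = (4, 16, 0)
FIXED_IN = (6, 6, 0)

def parse_version(text: str) -> tuple[int, int, int]:
    """Reduce '5.9.1' or '6.0.0rc1' to a numeric (major, minor, patch) triple."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def version_in_affected_range(version: str) -> bool:
    """True when 4.16.0 <= version < 6.6.0, the range named in the advisory."""
    return AFFECTED_MIN <= parse_version(version) < FIXED_IN

def token_on_host(env: dict[str, str], token_file: Path | None = None) -> bool:
    """Approximate where huggingface_hub.get_token() looks (assumption):
    the HF_TOKEN environment variable, then the cached token file."""
    if env.get("HF_TOKEN", "").strip():
        return True
    return bool(token_file and token_file.is_file() and token_file.read_text().strip())

def assess(version: str, env: dict[str, str], uses_oauth_component: bool,
           token_file: Path | None = None) -> dict[str, bool]:
    """Evaluate each precondition from the advisory plus an overall verdict.
    'outside_spaces' assumes Gradio detects Hugging Face Spaces through the
    SPACE_ID environment variable (not stated in the advisory)."""
    checks = {
        "affected_version": version_in_affected_range(version),
        "outside_spaces": not env.get("SPACE_ID"),
        "uses_oauth_component": uses_oauth_component,
        "token_on_host": token_on_host(env, token_file),
    }
    checks["exposed"] = all(checks.values())
    return checks

if __name__ == "__main__":
    # Probe this host: installed Gradio version, real environment, default token
    # cache path (assumption); set the last flag to whether gr.LoginButton is used.
    from importlib.metadata import PackageNotFoundError, version as pkg_version
    try:
        installed = pkg_version("gradio")
    except PackageNotFoundError:
        raise SystemExit("gradio is not installed")
    cache = Path(os.environ.get("HF_HOME", Path.home() / ".cache" / "huggingface")) / "token"
    for name, value in assess(installed, dict(os.environ), True, cache).items():
        print(f"{name:22} {value}")
```

A deployment that reports `exposed True` should be upgraded to 6.6.0 or have the OAuth component removed before it is made network-accessible.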
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N
Vulnerability Type
Use of Hard-coded Credentials
Vulnerability Title
Gradio Trust Management Vulnerability
Vulnerability Description
Gradio is an open-source Python library from Gradio for demonstrating machine learning models through a friendly web interface. Gradio versions from 4.16.0 up to but not including 6.6.0 contain a trust management vulnerability: when OAuth components are used, mocked OAuth routes are enabled automatically, which may allow a remote attacker to steal the server owner's HF token.
CVSS Information
N/A
Vulnerability Type
N/A