whisperX REST API: SSRF in download_from_url() — URL validation happens after HTTP request, extension bypass via .mp3

The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.download_from_url() in app/services/file_service.py calls requests.get(url) with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by appending .mp3 to any internal URL. The /speech-to-text-url endpoint is unauthenticated. This vulnerability is fixed in 0.6.0.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

服务端请求伪造(SSRF)

whisperX REST API 代码问题漏洞

whisperX REST API是Pavel Zbornik个人开发者的一个音频转录与分析增强工具。 whisperX REST API 0.3.1至0.5.0版本存在代码问题漏洞，该漏洞源于FileService.download_from_url()在发出HTTP请求后执行文件扩展名检查，可能导致绕过检查并访问内部URL。

N/A

N/A