Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
whisperX REST API: SSRF in download_from_url() — URL validation happens after HTTP request, extension bypass via .mp3
Vulnerability Description
The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.download_from_url() in app/services/file_service.py calls requests.get(url) with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by appending .mp3 to any internal URL. The /speech-to-text-url endpoint is unauthenticated. This vulnerability is fixed in 0.6.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
whisperX REST API 代码问题漏洞
Vulnerability Description
whisperX REST API是Pavel Zbornik个人开发者的一个音频转录与分析增强工具。 whisperX REST API 0.3.1至0.5.0版本存在代码问题漏洞,该漏洞源于FileService.download_from_url()在发出HTTP请求后执行文件扩展名检查,可能导致绕过检查并访问内部URL。
CVSS Information
N/A
Vulnerability Type
N/A