CVE-2024-12217 Information

Description

A vulnerability in the gradio-app/gradio repository version git 67e4044 allows for path traversal on Windows OS. The implementation of the blocked_path functionality which is intended to disallow users from reading certain files is flawed. Specifically while the application correctly blocks access to paths like ‘C:/tmp/secret.txt’ it fails to block access when using NTFS Alternate Data Streams (ADS) syntax such as ‘C:/tmp/secret.txt::$DATA’. This flaw can lead to unauthorized reading of blocked file paths.

Reference

https://huntr.com/bounties/0439bf3d-cb38-43a5-8314-0fadf85cc5a0 https://huntr.com/bounties/0439bf3d-cb38-43a5-8314-0fadf85cc5a0