AI Sec Watch

Gradio, an open-source Python package for building AI interfaces quickly, has a vulnerability where the enable_monitoring flag doesn't actually disable monitoring as intended. Even when a developer sets enable_monitoring=False to turn off monitoring, an attacker can still access sensitive analytics by directly requesting the /monitoring endpoint (a specific web address). This puts applications at risk of exposing data that was supposed to be hidden.

Gradio, an open-source Python package for building AI demos, has a vulnerability called SSRF (server-side request forgery, where an attacker tricks a server into making requests to URLs the attacker chooses) in its `/queue/join` endpoint. Attackers can exploit this to force the Gradio server to request internal or local network addresses, potentially stealing data or uploading malicious files, especially affecting applications using the Video component. Users should upgrade to Gradio version 5 or later to fix this issue.

Gradio, an open-source Python package for building quick demos, has a vulnerability called path traversal (a method where attackers manipulate file paths to access files outside their intended directory) in its `/custom_component` endpoint. Attackers can exploit this to read and leak source code from custom Gradio components, potentially exposing sensitive code that developers wanted to keep private, particularly affecting those hosting custom components on public servers.

Gradio, an open-source Python package for building AI demos, has a vulnerability where it incorrectly accepts requests from sources with a null origin (a security boundary used by web browsers). This happens because the `localhost_aliases` variable includes "null" as a valid CORS origin (cross-origin resource sharing, which controls what websites can access a server). Attackers could exploit this to steal sensitive data like login tokens or uploaded files from local Gradio deployments.

Gradio, an open-source Python package for building AI demos, has a vulnerability in its directory traversal check function that can be bypassed using special file path sequences (like `..` which means "go up one folder"). This could allow attackers to access files they shouldn't be able to reach, especially when uploading files, though exploiting it is difficult.

Gradio, an open-source Python package for prototyping, has a vulnerability in CORS origin validation (the security check that verifies requests come from trusted websites). When a cookie is present, the server fails to validate the request's origin, allowing attackers to trick users into making unauthorized requests to their local Gradio server, potentially stealing files, authentication tokens, or user data.

Taipy, an open-source Python library for building data applications, has a security flaw where session cookies are served without the Secure and HTTPOnly flags (security markers that prevent browsers from sending cookies over unencrypted connections and protect cookies from being accessed by JavaScript code). This vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 6.3, indicating medium severity.

CVE-2024-43610 is a vulnerability in Microsoft Copilot Studio that allows an unauthenticated attacker to view sensitive information through a network attack. The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a security flaw is), meaning it poses a moderate risk to affected systems.

CVE-2024-9333 is a permissions bypass vulnerability in M-Files Connector for Copilot (a tool that integrates M-Files document management with AI assistants) that allows authenticated users (people who have already logged in) to access documents they shouldn't be able to see due to incorrect access control list calculations. The vulnerability has a CVSS score of 5.3 (a 0-10 rating of how severe a vulnerability is), which is rated as medium severity.