5.8
CVE-2026-34981
- EPSS 0.25%
- Veröffentlicht 06.04.2026 16:19:13
- Zuletzt bearbeitet 27.04.2026 14:44:50
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
LoginwhisperX REST API: SSRF in download_from_url() — URL validation happens after HTTP request, extension bypass via .mp3
The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.download_from_url() in app/services/file_service.py calls requests.get(url) with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by appending .mp3 to any internal URL. The /speech-to-text-url endpoint is unauthenticated. This vulnerability is fixed in 0.6.0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pavelzbornik ≫ Whisperx Rest Api Version >= 0.3.1 < 0.6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.163 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 5.8 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
|
CWE-918 Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
https://github.com/pavelzbornik/whisperX-FastAPI/security/advisories/GHSA-6rc7-r867-c635
https://github.com/pavelzbornik/whisperX-FastAPI/issues/256
https://github.com/pavelzbornik/whisperX-FastAPI/commit/ef78fe2001deede5354031e4200d41c6a7e8cbfc