label-studio 1.10.1 vulnerabilities

Known vulnerabilities in the label-studio package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Directory Traversal label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Directory Traversal via the `download` function due to improper input validation when processing image references during task exports. . An attacker can access files outside the intended directory structure by creating tasks with path traversal sequences in the image field during task exports in VOC, COCO, and YOLO formats. How to fix Directory Traversal? Upgrade `label-studio` to version 1.16.0 or higher.	[,1.16.0)
M Cross-site Scripting (XSS) label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the `/projects/upload-example` endpoint due to improper sanitization of the input passed to the `label_config` query parameter. How to fix Cross-site Scripting (XSS)? Upgrade `label-studio` to version 1.16.0 or higher.	[,1.16.0)
M Server-side Request Forgery (SSRF) label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the `s3_endpoint` parameter due to improper input validation. An attacker can make the application send HTTP requests to arbitrary internal services by specifying them as the S3 endpoint. How to fix Server-side Request Forgery (SSRF)? Upgrade `label-studio` to version 1.16.0 or higher.	[,1.16.0)
M Improper Input Validation label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Improper Input Validation due to incomplete URL substring sanitization through the `encodeSVG` function. How to fix Improper Input Validation? Upgrade `label-studio` to version 1.12.1 or higher.	[,1.12.1)
M Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') due to improper sanitization of data imported via the file upload feature before rendering within a `Choices` or `Labels` tag. An attacker can inject malicious scripts into the web page, which could be executed in the context of the user's browser session by uploading a file containing a payload. Note: This is only exploitable if the attacker has permission to use the "data import" function. How to fix Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')? Upgrade `label-studio` to version 1.11.0 or higher.	[,1.11.0)
M Server-Side Request Forgery (SSRF) label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) via the `validate_upload_url` function. An attacker can bypass SSRF protections (`SSRF_PROTECTION_ENABLED`) and access internal web servers, potentially compromising the confidentiality of those servers by using HTTP redirection or performing a DNS rebinding attack. How to fix Server-Side Request Forgery (SSRF)? Upgrade `label-studio` to version 1.11.0 or higher.	[,1.11.0)

Vulnerability

Vulnerable Version

Directory Traversal

label-studio is a Label Studio annotation tool

Affected versions of this package are vulnerable to Directory Traversal via the download function due to improper input validation when processing image references during task exports.

. An attacker can access files outside the intended directory structure by creating tasks with path traversal sequences in the image field during task exports in VOC, COCO, and YOLO formats.

How to fix Directory Traversal?

Upgrade label-studio to version 1.16.0 or higher.

[,1.16.0)

Cross-site Scripting (XSS)

label-studio is a Label Studio annotation tool

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the /projects/upload-example endpoint due to improper sanitization of the input passed to the label_config query parameter.

How to fix Cross-site Scripting (XSS)?

Upgrade label-studio to version 1.16.0 or higher.

[,1.16.0)

Server-side Request Forgery (SSRF)

label-studio is a Label Studio annotation tool

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the s3_endpoint parameter due to improper input validation. An attacker can make the application send HTTP requests to arbitrary internal services by specifying them as the S3 endpoint.

How to fix Server-side Request Forgery (SSRF)?

Upgrade label-studio to version 1.16.0 or higher.

[,1.16.0)

Improper Input Validation

label-studio is a Label Studio annotation tool

Affected versions of this package are vulnerable to Improper Input Validation due to incomplete URL substring sanitization through the encodeSVG function.

How to fix Improper Input Validation?

Upgrade label-studio to version 1.12.1 or higher.

[,1.12.1)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

label-studio is a Label Studio annotation tool

Affected versions of this package are vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') due to improper sanitization of data imported via the file upload feature before rendering within a Choices or Labels tag. An attacker can inject malicious scripts into the web page, which could be executed in the context of the user's browser session by uploading a file containing a payload.

Note:

This is only exploitable if the attacker has permission to use the "data import" function.

How to fix Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')?

Upgrade label-studio to version 1.11.0 or higher.

[,1.11.0)

Server-Side Request Forgery (SSRF)

label-studio is a Label Studio annotation tool

Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) via the validate_upload_url function. An attacker can bypass SSRF protections (SSRF_PROTECTION_ENABLED) and access internal web servers, potentially compromising the confidentiality of those servers by using HTTP redirection or performing a DNS rebinding attack.

How to fix Server-Side Request Forgery (SSRF)?

Upgrade label-studio to version 1.11.0 or higher.

[,1.11.0)

label-studio@1.10.1 vulnerabilities

Label Studio annotation tool

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

How to fix?