GHSA-r5gx-c49x-h878: SSRF
First published: Tue Mar 11 2025(Updated: )
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| pip/rembg | <=2.0.57 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of GHSA-r5gx-c49x-h878?
The GHSA-r5gx-c49x-h878 vulnerability is considered to have high severity due to potential exposure of sensitive internal images.
How do I fix GHSA-r5gx-c49x-h878?
To fix GHSA-r5gx-c49x-h878, upgrade to rembg version 2.0.58 or later.
What is the impact of GHSA-r5gx-c49x-h878?
The impact of GHSA-r5gx-c49x-h878 allows attackers to access images hosted on the internal network through an unsecured API endpoint.
Which versions of rembg are affected by GHSA-r5gx-c49x-h878?
Rembg versions 2.0.57 and earlier are affected by GHSA-r5gx-c49x-h878.
Is there a workaround for GHSA-r5gx-c49x-h878?
Disabling the /api/remove endpoint or restricting access to it can serve as a temporary workaround for GHSA-r5gx-c49x-h878.
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-r5gx-c49x-h878
- alias/CVE-2025-25301
- agent/software-canonical-lookup
- agent/weakness
- agent/source
- agent/softwarecombine
- agent/severity
- agent/references
- agent/last-modified-date
- agent/type
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- package-manager/pip