VYPR
High severity · NVD Advisory · Published Oct 3, 2022 · Updated Aug 3, 2024

CVE-2022-36551

Description

A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. Furthermore, self-registration is enabled by default in these versions of Label Studio enabling a remote attacker to create a new account and then exploit the SSRF.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Server Side Request Forgery in Label Studio Community Edition ≤1.5.0 allows authenticated users (including self-registered) to read arbitrary files via the Data Import module.

Vulnerability

A Server Side Request Forgery (SSRF) vulnerability exists in the Data Import module of Heartex - Label Studio Community Edition versions 1.5.0 and earlier [2]. The module fails to properly validate URLs provided during data import, allowing an authenticated user to make the server send requests to arbitrary internal or external resources.

Exploitation

An attacker can exploit this vulnerability by first creating an account, as self-registration is enabled by default in these versions [2]. Once authenticated, the attacker can craft a malicious import request that points to a local file (e.g., file:///etc/passwd) or an internal service, thereby reading arbitrary files from the server's filesystem.

Impact

Successful exploitation grants the attacker read access to any file on the system that the Label Studio process can read. This could include configuration files, database credentials, source code, or other sensitive data, potentially leading to further compromise of the application and underlying infrastructure.

Mitigation

The vulnerability is addressed in Label Studio version 1.6.0 [1]. Users are strongly advised to upgrade to this version or later. Additionally, organizations should consider disabling self-registration if not required, to reduce the attack surface.
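As an added illustration of the kind of URL validation the fix points toward, here is a stand-alone validator for user-supplied import URLs. It is example code written for this page, not Label Studio's `uploader.py` or its `url_is_local` helper; the function names `validate_import_url` and `check_urls`, the `ImportUrlError` class and the sample URLs are all constructed for the example. It allows only the `http` and `https` schemes (which rejects `file://` in any spelling, and every other non-HTTP scheme, in one place) and, for literal IP hosts and `localhost`, refuses loopback, private, link-local and similar non-public ranges. It deliberately performs no DNS lookup so that it runs offline; a production check would additionally resolve the hostname and apply the same address test to every resolved address at fetch time.

```python
"""Allowlist-based validation of a user-supplied import URL (example code)."""
import ipaddress
from urllib.parse import urlparse

# Only remote HTTP(S) resources may be fetched by the server.
ALLOWED_SCHEMES = frozenset({"http", "https"})
# Hostnames that name the local machine without any DNS lookup.
LOCAL_HOSTNAMES = frozenset({"localhost", "localhost.localdomain"})


class ImportUrlError(ValueError):
    """Raised when a URL must not be fetched on the user's behalf."""


def _is_local_address(host: str) -> bool:
    """True when `host` is a literal IP in a non-public range, or a local hostname.

    No DNS resolution is performed here (assumption of this example); a real
    deployment must also check the addresses the hostname resolves to.
    """
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Not a literal IP: only the well-known local names are rejected.
        return host.lower() in LOCAL_HOSTNAMES
    return (addr.is_loopback or addr.is_private or addr.is_link_local
            or addr.is_reserved or addr.is_multicast or addr.is_unspecified)


def validate_import_url(raw_url: str) -> str:
    """Return the cleaned URL if it is safe to fetch, else raise ImportUrlError."""
    url = raw_url.strip()
    parts = urlparse(url)
    # urlparse lower-cases the scheme, so 'FILE://' and 'file://' compare equal;
    # an allowlist also rejects gopher://, ftp:// and scheme-less input.
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ImportUrlError(f"scheme {parts.scheme!r} is not allowed")
    host = parts.hostname
    if not host:
        raise ImportUrlError("URL has no host")
    if _is_local_address(host):
        raise ImportUrlError(f"host {host!r} is not a public address")
    return url


def check_urls(urls):
    """Return {url: verdict} for a batch; verdict is 'ok' or the rejection reason."""
    results = {}
    for candidate in urls:
        try:
            validate_import_url(candidate)
            results[candidate] = "ok"
        except ImportUrlError as exc:
            results[candidate] = f"rejected: {exc}"
    return results


# Constructed sample input: the two values from the upstream test plus variants
# that a prefix check alone would not cover uniformly.
SAMPLE_URLS = (
    "https://example.org/tasks.json",
    "file:///etc/passwd",
    " file://etc/kernel ",
    "FILE:///etc/passwd",
    "http://127.0.0.1:8080/admin",
    "http://[::1]/",
    "http://10.0.0.5/",
    "http://localhost/",
    "gopher://example.org/",
    "http://",
    "tasks.json",
)

if __name__ == "__main__":
    for url, verdict in check_urls(SAMPLE_URLS).items():
        print(f"{url!r:36} {verdict}")
```

Running the module prints one verdict per sample URL; only the `https://example.org/...` entry is accepted. The design choice is that the check decides what is allowed rather than what is forbidden, so a new scheme or a differently spelled one never needs a new rule.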

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package              Affected versions   Patched versions
label-studio (PyPI)  < 1.6.0             1.6.0

Patches

501142cb815a

fix: DEV-3212: Add validation to avoid users import local files using URL (#2840)

https://github.com/heartexlabs/label-studio · Guilherme Machado · Aug 23, 2022 · via ghsa
3 files changed · +42 −0
  • label_studio/data_import/uploader.py · +4 −0 · modified
    @@ -174,6 +174,10 @@ def load_tasks(request, project):
             else:
                 if settings.SSRF_PROTECTION_ENABLED and url_is_local(url):
                     raise ImportFromLocalIPError
    +
    +            if url.strip().startswith('file://'):
    +                raise ValidationError('"url" is not valid')
    +
                 data_keys, found_formats, tasks, file_upload_ids = tasks_from_url(
                     file_upload_ids, project, request, url
                 )
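Review bot: the new `file://` test is a prefix denylist and therefore rejects exactly one spelling of one scheme; if the importer only needs to fetch HTTP(S) resources, an allowlist on the parsed scheme (`urlparse(url).scheme in ('http', 'https')`) would refuse `file://` and every other non-HTTP scheme in one place, independent of input casing and of what the downstream fetcher happens to refuse. The placement is right: the check sits at the same level as the `settings.SSRF_PROTECTION_ENABLED` test rather than inside it, so local-file URLs are rejected even when SSRF protection is switched off; a one-line comment saying so would help the next reader. The message `'"url" is not valid'` gives the user no hint why; something like `'"url" must use http or https'` is more actionable.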
    
  • label_studio/tests/data_import/__init__.py · +0 −0 · added
  • label_studio/tests/data_import/test_uploader.py · +38 −0 · added
    @@ -0,0 +1,38 @@
    +import pytest
    +
    +from rest_framework.exceptions import ValidationError
    +
    +from data_import.uploader import load_tasks
    +
    +pytestmark = pytest.mark.django_db
    +
    +
    +class MockedRequest:
    +    FILES = ()
    +
    +    def __init__(self, url):
    +        self.url = url
    +
    +    @property
    +    def content_type(self):
    +        return "application/x-www-form-urlencoded"
    +
    +    @property
    +    def data(self):
    +        return {"url": self.url}
    +
    +
    +class TestUploader:
    +    @pytest.fixture
    +    def project(self, configured_project):
    +        return configured_project
    +
    +    class TestLoadTasks:
    +        @pytest.mark.parametrize("url", ("file:///etc/passwd", " file://etc/kernel "))
    +        def test_raises_for_local_files(self, url, project):
    +            request = MockedRequest(url=url)
    +
    +            with pytest.raises(ValidationError) as e:
    +                load_tasks(request, project)
    +
    +            assert '"url" is not valid' in str(e.value)
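Review bot: the test covers only the rejection path. A companion case asserting that an `http://` or `https://` URL does not raise `ValidationError` from this check (with `tasks_from_url` mocked so no network is touched) would guard against the validation becoming over-broad in a later change. The second parametrized value `" file://etc/kernel "` usefully pins the `.strip()` behaviour; adding a case such as `"FILE:///etc/passwd"` would make the intended handling of scheme casing explicit, since `startswith('file://')` is case-sensitive and the test currently leaves that behaviour undocumented.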
    
