PT-2025-7074 · Unknown · Label Studio+1
Xbow-Security · Published 2025-02-14 · Updated 2025-02-15 · CVE-2025-25295
CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Label Studio versions prior to 1.16.0; Label Studio SDK versions prior to 1.0.10
Description: A path traversal vulnerability in the Label Studio SDK allows unauthorized file access outside the intended directory structure. The flaw exists in the VOC, COCO, and YOLO export functionalities, which invoke a download function in the label-studio-sdk Python package that fails to validate file paths when processing image references during task exports. By creating tasks with path traversal sequences in the image field, an attacker can force the application to read files from arbitrary locations on the server filesystem when a project is exported in any of the mentioned formats. This is an authentication-required vulnerability allowing arbitrary file reads from the server filesystem, potentially exposing sensitive information such as configuration files, credentials, and confidential data.
Recommendations: To mitigate this issue, Label Studio users should upgrade to version 1.16.0 or newer. As a temporary workaround, consider validating and sanitizing file paths, adding an allowlist of directories and file types, implementing file access controls, and using randomized file names and a secure file storage abstraction. Restrict access to the vulnerable download function in the label-studio-sdk Python package to minimize the risk of exploitation. Avoid using the image field in the affected API endpoint until the issue is resolved.
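The workaround above (path validation plus directory and file-type allowlists) is shown below as an added example; it is not code from Label Studio or from the label-studio-sdk package, and the names media_root, resolve_media_path, UnsafeMediaPath and is_safe_media_ref are hypothetical. The naive resolver keeps the vulnerable pattern of trusting the task's image field; the hardened one resolves the candidate path (which also follows symlinks) and proves it stays under the media root before checking the file type.

```python
"""Containment check for a task's image reference before an exporter reads it.

Added illustration; not Label Studio or label-studio-sdk code. All names below are
hypothetical, and the demo directory is constructed data.
"""
import os
import tempfile
from pathlib import Path

# Allowlist of image types an exporter should ever read (assumed for this example).
ALLOWED_SUFFIXES = frozenset({".jpg", ".jpeg", ".png", ".gif", ".bmp", ".webp"})


class UnsafeMediaPath(ValueError):
    """Raised when an image reference leaves the media directory or has a disallowed type."""


def resolve_media_path_unsafe(media_root: str, image_ref: str) -> str:
    """Vulnerable pattern: the image field is trusted and joined onto the media root.

    '..' segments survive the join, so the result may point anywhere on the filesystem.
    """
    return os.path.join(media_root, image_ref)


def _contained(candidate: Path, root: Path) -> bool:
    """True when candidate is root or lies below it (both must already be resolved)."""
    try:
        candidate.relative_to(root)
    except ValueError:
        return False
    return True


def resolve_media_path(media_root: str, image_ref: str,
                       allowed_suffixes=ALLOWED_SUFFIXES) -> Path:
    """Hardened pattern: normalise, follow symlinks, then enforce containment and type."""
    if "\x00" in image_ref:
        raise UnsafeMediaPath("NUL byte in image reference")
    ref = Path(image_ref)
    if ref.is_absolute():
        raise UnsafeMediaPath(f"absolute path not allowed: {image_ref!r}")
    root = Path(media_root).resolve()
    # resolve() collapses '..' and follows symlinks, so a link inside the media
    # directory that points outside it fails the containment check as well.
    candidate = (root / ref).resolve()
    if not _contained(candidate, root):
        raise UnsafeMediaPath(f"reference escapes media root: {image_ref!r}")
    if candidate.suffix.lower() not in allowed_suffixes:
        raise UnsafeMediaPath(f"file type not allowed: {candidate.suffix!r}")
    return candidate


def is_safe_media_ref(media_root: str, image_ref: str) -> bool:
    """Convenience predicate: True when the reference passes every check."""
    try:
        resolve_media_path(media_root, image_ref)
    except UnsafeMediaPath:
        return False
    return True


def demo() -> dict:
    """Build a throwaway media tree (constructed data) and exercise both resolvers."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "media"
        (root / "uploads").mkdir(parents=True)
        (root / "uploads" / "cat.png").write_bytes(b"\x89PNG constructed sample")
        secret = Path(tmp) / "outside" / "secret.png"
        secret.parent.mkdir()
        secret.write_bytes(b"constructed file outside the media root")
        # A symlink inside media/ that points outside it.
        (root / "uploads" / "link.png").symlink_to(secret)

        results["legit"] = is_safe_media_ref(str(root), "uploads/cat.png")
        results["dotdot"] = is_safe_media_ref(str(root), "../outside/secret.png")
        results["symlink_escape"] = is_safe_media_ref(str(root), "uploads/link.png")
        results["bad_suffix"] = is_safe_media_ref(str(root), "uploads/notes.txt")
        # The naive join produces a path outside the media directory without complaint.
        naive = Path(resolve_media_path_unsafe(str(root), "../outside/secret.png")).resolve()
        results["unsafe_escapes"] = not _contained(naive, root.resolve())
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The containment test is done on the fully resolved path rather than by string-prefix matching, which is what makes the symlink case in demo() fail closed; a prefix check on the unresolved string would accept it.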

Exploit · Fix · Path traversal


Weakness Enumeration

Related Identifiers

CVE-2025-25295
GHSA-RGV9-W7JP-M23G

Affected Products

Label Studio
Label Studio SDK