python · crawl4ai · Critical
crawl4ai Docker API Server SSRF Protection Bypass
The SSRF protection in validate_webhook_url/validate_url_destination used an incomplete IPv4/IPv6 CIDR blocklist, allowing bypasses via IPv6 transition forms.
What changed
validate_webhook_url/validate_url_destination relied on an incomplete IPv4/IPv6 CIDR blocklist, so an internal destination could be smuggled past it in an IPv6 transition form (for example an IPv4-mapped address such as ::ffff:127.0.0.1) that the listed ranges did not cover. The fix replaces the blocklist with an allow-only check: every resolved address is rejected unless ip.is_global is true, and the same test is applied to any IPv4 address embedded in the IPv6 address. Error messages are now opaque, so a rejection no longer reveals which address or rule triggered it.
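The check described above, written out as an added example (this is not crawl4ai's code; the function names, the pluggable `resolver` hook and the sample DNS table are illustrative assumptions). It goes slightly beyond the page's description: besides the IPv4-mapped, 6to4 and Teredo forms that Python's ipaddress module can unpack, it also unwraps the NAT64 well-known prefix and the deprecated IPv4-compatible form, and it rejects a hostname if any one of its resolved addresses is non-global.

```python
"""Added example (not crawl4ai's code): allow-list SSRF destination check.

An address is accepted only when ipaddress reports it as globally routable
AND every IPv4 address embedded in an IPv6 transition form is globally
routable too. Function names, the resolver hook and the sample DNS table
are illustrative assumptions, not the project's API.
"""
import ipaddress
import socket
from typing import Callable, Iterator, List, Union
from urllib.parse import urlsplit

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
Resolver = Callable[[str], List[IPAddress]]

# RFC 6052 NAT64 well-known prefix; ipaddress has no accessor for it.
_NAT64 = ipaddress.IPv6Network("64:ff9b::/96")
# Opaque error: the caller learns nothing about which address or rule fired.
_REJECT = "invalid destination"


def embedded_ipv4(ip: IPAddress) -> Iterator[ipaddress.IPv4Address]:
    """Yield every IPv4 address carried inside an IPv6 transition form."""
    if ip.version != 6:
        return
    if ip.ipv4_mapped is not None:          # ::ffff:a.b.c.d (RFC 4291)
        yield ip.ipv4_mapped
    if ip.sixtofour is not None:            # 2002:AABB:CCDD::/48 (RFC 3056)
        yield ip.sixtofour
    if ip.teredo is not None:               # 2001::/32 -> (server, client) (RFC 4380)
        yield from ip.teredo
    if ip in _NAT64:                        # 64:ff9b::a.b.c.d
        yield ipaddress.IPv4Address(int(ip) & 0xFFFFFFFF)
    if int(ip) >> 32 == 0:                  # deprecated "IPv4-compatible" ::a.b.c.d
        yield ipaddress.IPv4Address(int(ip) & 0xFFFFFFFF)


def is_safe_address(ip: IPAddress) -> bool:
    """Allow-list check: the address and all embedded IPv4 forms must be global."""
    if not ip.is_global:
        return False
    return all(inner.is_global for inner in embedded_ipv4(ip))


def system_resolver(host: str) -> List[IPAddress]:
    """Resolve via the OS; returns every A/AAAA answer, not just the first."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [ipaddress.ip_address(info[4][0]) for info in infos]


def validate_url_destination(url: str, resolver: Resolver = system_resolver) -> List[IPAddress]:
    """Return the validated addresses for url, or raise ValueError(_REJECT)."""
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. malformed IPv6 bracket syntax
        raise ValueError(_REJECT) from None
    host = parts.hostname  # brackets stripped, lower-cased, userinfo removed
    if parts.scheme not in ("http", "https") or not host:
        raise ValueError(_REJECT)
    try:
        candidates = [ipaddress.ip_address(host)]        # IP literal
    except ValueError:
        try:
            candidates = resolver(host)                   # hostname, or odd literals like 127.1
        except OSError:
            raise ValueError(_REJECT) from None
    if not candidates or not all(is_safe_address(ip) for ip in candidates):
        raise ValueError(_REJECT)
    return candidates


def is_allowed_url(url: str, resolver: Resolver = system_resolver) -> bool:
    """Boolean wrapper for callers that only need yes/no."""
    try:
        validate_url_destination(url, resolver)
    except ValueError:
        return False
    return True


# Constructed sample DNS table so the example runs offline (not real records).
_SAMPLE_DNS = {
    "public.example": [ipaddress.ip_address("93.184.216.34")],
    "mapped.example": [ipaddress.ip_address("::ffff:10.0.0.5")],
    "mixed.example": [ipaddress.ip_address("93.184.216.34"),
                      ipaddress.ip_address("127.0.0.1")],
}


def sample_resolver(host: str) -> List[IPAddress]:
    """Stand-in for DNS that answers from the constructed table above."""
    if host not in _SAMPLE_DNS:
        raise OSError("nxdomain")
    return _SAMPLE_DNS[host]


if __name__ == "__main__":
    for u in ["http://public.example/", "http://mapped.example/",
              "http://[::ffff:127.0.0.1]/", "http://[2002:7f00:1::]/",
              "http://169.254.169.254/latest/meta-data/"]:
        print(u, "->", "allow" if is_allowed_url(u, sample_resolver) else "reject")
```

Two caveats for anyone adapting this. First, what `is_global` returns for some ranges (IPv4-mapped and 6to4 among them) changed when CPython corrected its special-address tables in 2024, which is why the embedded-address check is applied regardless of what the outer address reports. Second, validating the resolved address and then handing the hostname to an HTTP client that resolves it again is a time-of-check/time-of-use gap (DNS rebinding); connect to the address you validated, and re-run the check on every redirect target.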
Who it affects
All users of the crawl4ai Docker API server with default unauthenticated configuration (jwt_enabled: false).
What to do today
Upgrade to the patched version. Until you can, apply compensating controls: enable authentication by setting CRAWL4AI_API_TOKEN so the endpoint is no longer reachable anonymously, and restrict the container's outbound network with an egress firewall so the crawler cannot reach internal hosts even if the check is bypassed.