PYSEC-2026-577

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/zrok/PYSEC-2026-577.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-577
Aliases
Published
2026-06-29T11:50:50.353793Z
Modified
2026-07-01T20:23:12.283893Z
Severity
  • 9.9 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:L CVSS Calculator
Summary
rok Python ProxyShare can be used as an SSRF proxy through absolute URL paths
Details

Summary

Alice exposes a Python SDK ProxyShare with a fixed target URL. Bob sends a request to the share with an absolute URL in the path. The Flask handler passes that path to urllib.parse.urljoin, which replaces Alice's configured target host with Bob's host and returns the server-side response to Bob.

Details

The Python SDK proxy route accepts every path under the share:

@app.route('/', defaults={'path': ''}, methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'])
@app.route('/<path:path>', methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'])
def proxy(path):

It constructs the outbound URL with urljoin and then sends the request:

url = urllib.parse.urljoin(self.target, path)
resp = requests.request(
    method=request.method,
    url=url,
    headers={key: value for (key, value) in request.headers
             if key.lower() not in HOP_BY_HOP_HEADERS},
    data=request.get_data(),
    cookies=request.cookies,
    allow_redirects=False,
    stream=True,
    verify=self.verify_ssl
)

When path is [http://127.0.0.1:19190/metadata](http://127.0.0.1:19190/metadata%60), urljoin(self.target, path) returns [http://127.0.0.1:19190/metadata](http://127.0.0.1:19190/metadata%60). The proxy sends the request to Bob's chosen URL rather than Alice's target.

References

Affected packages

PyPI / zrok

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0.4.47
Last affected
1.1.11

Affected versions

0.*
0.4.47
0.4.48
0.4.49
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.1.0
1.1.1
1.1.2
1.1.3
1.1.5
1.1.7
1.1.8
1.1.9
1.1.10
1.1.11

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/zrok/PYSEC-2026-577.yaml"