PYSEC-2026-588

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/crawl4ai/PYSEC-2026-588.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-588
Aliases
Published
2026-06-23T19:17:07.477Z
Modified
2026-06-30T23:45:06.039027554Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unauthenticated request could supply a proxy pointing at an internal IP and route the browser through it, reaching internal services and cloud-metadata endpoints, while using a perfectly valid crawl URL. The Docker API is unauthenticated by default. /crawl, /crawl/stream, and /crawl/job accept a browserconfig (and crawlerconfig). The following all feed Chromium's egress and were unchecked: browserconfig.proxyconfig.server, browserconfig.proxy (deprecated field), crawlerconfig.proxyconfig.server, and --proxy-server / --proxy-pac-url / --proxy-bypass-list / --host-resolver-rules flags in browserconfig.extra_args. This vulnerability is fixed in 0.8.9.

References

Affected packages

PyPI / crawl4ai

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.8.9

Affected versions

0.*
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.3.6
0.3.7
0.3.8
0.3.71
0.3.72
0.3.73
0.3.74
0.3.731
0.3.741
0.3.742
0.3.743
0.3.744
0.3.745
0.3.746
0.4.0
0.4.1
0.4.3b1
0.4.3b2
0.4.3b3
0.4.21
0.4.22
0.4.23
0.4.24
0.4.241
0.4.242
0.4.243
0.4.244
0.4.245
0.4.246
0.4.247
0.4.248b3
0.4.248
0.5.0
0.5.0.post1
0.5.0.post2
0.5.0.post3
0.5.0.post4
0.5.0.post5
0.5.0.post6
0.5.0.post7
0.5.0.post8
0.6.0rc1
0.6.0
0.6.1
0.6.2
0.6.3
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.7.8
0.8.0
0.8.5
0.8.6
0.8.7
0.8.8

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/crawl4ai/PYSEC-2026-588.yaml"