Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unauthenticated request could supply a proxy pointing at an internal IP and route the browser through it, reaching internal services and cloud-metadata endpoints, while using a perfectly valid crawl URL. The Docker API is unauthenticated by default. /crawl, /crawl/stream, and /crawl/job accept a browserconfig (and crawlerconfig). The following all feed Chromium's egress and were unchecked: browserconfig.proxyconfig.server, browserconfig.proxy (deprecated field), crawlerconfig.proxyconfig.server, and --proxy-server / --proxy-pac-url / --proxy-bypass-list / --host-resolver-rules flags in browserconfig.extra_args. This vulnerability is fixed in 0.8.9.