crawl4ai@0.8.9

🚀🤖 Crawl4AI: Open-source LLM Friendly Web Crawler & scraper

  • latest version

    0.9.0

  • latest non vulnerable version

  • first published

    1 year ago

  • latest version published

    12 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the crawl4ai package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability / Vulnerable Version
    • Severity: High
    Server-side Request Forgery (SSRF)

    Crawl4AI is an open-source, LLM-friendly web crawler and scraper.

    Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the handle_stream_crawl_request process. An attacker can access internal-only services and cloud-metadata endpoints by sending crafted requests to the affected API endpoints, causing the server to fetch and stream responses from arbitrary internal URLs.

    How to fix Server-side Request Forgery (SSRF)?

    Upgrade Crawl4AI to version 0.9.0 or higher.

    Vulnerable versions: [,0.9.0)
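A defensive check for the class of issue described in the SSRF entry above, added here as an example; it is not code from Crawl4AI or from Snyk. Before a crawl request is accepted, the target URL's scheme and every address its host resolves to are tested against loopback, private, link-local (the range that contains the 169.254.169.254 cloud metadata endpoint) and other non-public networks. The function names, the blocked-range list and the injectable `resolver` hook are this example's own choices, not the project's API.

```python
import ipaddress
import socket
from typing import Callable, Iterable
from urllib.parse import urlsplit

# Any literal IP or DNS answer inside these networks is refused: loopback,
# RFC 1918, CGNAT, link-local (where 169.254.169.254 lives), multicast and
# reserved space, plus their IPv6 counterparts. The list is this example's
# own policy; extend it with your deployment's internal ranges.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]

Resolver = Callable[[str], Iterable[str]]


def system_resolver(host: str) -> list[str]:
    """All A/AAAA answers for host from the system resolver (needs network)."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def is_blocked_address(ip_text: str) -> bool:
    """True if the address falls inside any blocked network."""
    ip = ipaddress.ip_address(ip_text)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.5) so the IPv4 rules apply to it.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)


def check_crawl_target(url: str, resolver: Resolver = system_resolver) -> tuple[bool, str]:
    """Return (allowed, reason) for a user-supplied crawl URL.

    The resolver is injectable so the check can be unit-tested offline and so
    a caller can pin the vetted addresses for the real connection.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme not allowed: {parts.scheme!r}"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    try:
        ipaddress.ip_address(host)
        candidates = [host]                     # literal address: no lookup needed
    except ValueError:
        try:
            candidates = list(resolver(host))   # hostname: vet every answer
        except OSError as exc:                  # socket.gaierror is an OSError
            return False, f"resolution failed: {exc}"
    if not candidates:
        return False, "host did not resolve"
    for ip in candidates:
        if is_blocked_address(ip):
            return False, f"{host} resolves to blocked address {ip}"
    return True, "ok"
```

Two caveats a practitioner will want: a check-then-fetch sequence leaves a DNS-rebinding window, so the fetch should connect to the addresses vetted here rather than resolving again, and every HTTP redirect the crawler follows must be passed through the same check, since a public host can redirect to an internal one.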
    • Severity: High
    Symlink Attack


    Affected versions of this package are vulnerable to Symlink Attack via the download process. An attacker can overwrite arbitrary files with attacker-controlled content by supplying crafted filenames containing absolute paths or directory traversal sequences, which are then written outside the intended downloads directory. This can lead to execution of malicious code by overwriting files such as shell rc files, ~/.ssh/authorized_keys, cron entries, or Python modules on the import path. This is only exploitable if the crawler is run with sufficient privileges or in an environment where sensitive paths are writable.

    How to fix Symlink Attack?

    Upgrade Crawl4AI to version 0.9.0 or higher.

    Vulnerable versions: [,0.9.0)
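The hardening a download path needs against the entry above, written as an added example rather than Crawl4AI's own code: the server-supplied filename is reduced to a plain basename by allow-list (absolute paths, separators and traversal components are rejected outright), the final real path is confirmed to sit inside the downloads directory, and an existing symlink at that name is refused both before and at open time. The function names, the allow-list pattern and the `self_check` helper are this example's own; the constructed filenames in `self_check` mirror the advisory's description.

```python
import os
import re
import tempfile
from pathlib import Path

# Allow-list for what a download may be called on disk: a plain basename with
# no separators, no leading dot and no control characters. Policy chosen for
# this example; adjust to taste, but keep it an allow-list.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,200}$")


class UnsafeDownload(ValueError):
    """Raised when a filename or target path fails the checks below."""


def is_safe_download_name(name: str) -> bool:
    """True only for a plain basename with no traversal or separator tricks."""
    if not name or name in (".", ".."):
        return False
    # Reject POSIX and Windows separators, drive letters and NUL explicitly,
    # so '/etc/passwd', 'C:\\x', '..\\x' and 'a/../b' never reach the regex.
    if any(ch in name for ch in ("/", "\\", ":", "\0")):
        return False
    return _SAFE_NAME.fullmatch(name) is not None


def resolve_download_target(downloads_dir: Path, name: str) -> Path:
    """Return the path a download may be written to, or raise UnsafeDownload."""
    if not is_safe_download_name(name):
        raise UnsafeDownload(f"rejected filename {name!r}")
    base = downloads_dir.resolve(strict=True)
    target = base / name
    # A symlink already sitting at that name must not be written through:
    # the write would land wherever the link points.
    if target.is_symlink():
        raise UnsafeDownload(f"{name!r} is a symlink; refusing to write through it")
    # Belt and braces: the real path must still be directly under base.
    if target.resolve().parent != base:
        raise UnsafeDownload(f"{name!r} escapes {base}")
    return target


def save_download(downloads_dir: Path, name: str, data: bytes) -> Path:
    """Write data to a fresh file under downloads_dir, refusing symlinks at open time."""
    target = resolve_download_target(downloads_dir, name)
    # O_NOFOLLOW closes the race between is_symlink() and open(); O_EXCL
    # refuses to overwrite anything that already exists at that name.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(target, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def self_check() -> dict:
    """Exercise the checks in a throwaway directory and return outcome flags."""
    outcome = {}
    with tempfile.TemporaryDirectory() as tmp:
        downloads = Path(tmp) / "downloads"
        downloads.mkdir()
        victim = Path(tmp) / "victim.txt"          # a file outside downloads/
        victim.write_text("original")
        # Constructed names of the kinds the advisory describes.
        for bad in ("../victim.txt", "/etc/passwd", "C:\\Windows\\x", "..", ".hidden"):
            outcome[bad] = not is_safe_download_name(bad)
        try:
            os.symlink(victim, downloads / "report.txt")
        except OSError:                            # platform without symlinks
            outcome["symlink_refused"] = None
        else:
            try:
                save_download(downloads, "report.txt", b"replaced")
                outcome["symlink_refused"] = False
            except UnsafeDownload:
                outcome["symlink_refused"] = True
        outcome["victim_intact"] = victim.read_text() == "original"
        written = save_download(downloads, "page-1.html", b"<html></html>")
        outcome["clean_write"] = (written.read_bytes() == b"<html></html>"
                                  and written.parent == downloads.resolve())
    return outcome
```

The allow-list is deliberately stricter than "strip `..`": names such as `..\\x` or a drive letter are rejected as a class, so the check does not depend on enumerating every traversal spelling the underlying OS accepts.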
    • Severity: Critical
    Arbitrary Code Injection


    Affected versions of this package are vulnerable to Arbitrary Code Injection via the browser_config.extra_args parameter in API requests. An attacker can execute arbitrary commands as the container's runtime user by injecting malicious Chromium launch arguments, leading to full read/write access to application data, secrets, environment variables, and potential data exfiltration. This is only exploitable if the Docker API server is left unauthenticated and accessible to attackers.

    How to fix Arbitrary Code Injection?

    Upgrade Crawl4AI to version 0.9.0 or higher.

    Vulnerable versions: [,0.9.0)
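An allow-list validator for caller-supplied browser launch arguments, added here as an example of how an API layer can neutralise the entry above; it is not Crawl4AI's code and the switch set is this example's own policy. Rather than trying to enumerate dangerous Chromium switches, only a fixed set of harmless ones is accepted, each with a pattern its value must match, and everything else is refused before the browser is launched. The function names and `ALLOWED_SWITCHES` are assumptions of this example, not the project's API.

```python
import re
from typing import Optional

# Switches a request may set, each with the pattern its value must match
# (None = boolean switch that takes no value). Anything not listed here is
# refused, so switches that change which binary runs or what gets loaded
# never reach the launch command line. Set chosen for this example.
ALLOWED_SWITCHES: dict[str, Optional[re.Pattern]] = {
    "--window-size": re.compile(r"^\d{2,5},\d{2,5}$"),
    "--lang": re.compile(r"^[a-z]{2,3}(-[A-Za-z0-9]{2,8})*$"),
    "--force-device-scale-factor": re.compile(r"^[0-4](\.\d{1,2})?$"),
    "--disable-gpu": None,
    "--hide-scrollbars": None,
}

# One switch per argument, in --name or --name=value form only.
_SWITCH = re.compile(r"^(--[a-z][a-z0-9-]*)(?:=(.*))?$", re.DOTALL)


class RejectedLaunchArg(ValueError):
    """Raised when an extra_args entry is not on the allow-list."""


def validate_extra_args(extra_args: list) -> list:
    """Return extra_args unchanged if every entry passes, else raise RejectedLaunchArg."""
    accepted = []
    for raw in extra_args:
        # Control characters could split one argument into several downstream.
        if not isinstance(raw, str) or any(c in raw for c in "\0\r\n"):
            raise RejectedLaunchArg(f"malformed argument {raw!r}")
        m = _SWITCH.match(raw)
        if not m:
            raise RejectedLaunchArg(f"not a --switch form: {raw!r}")
        name, value = m.group(1), m.group(2)
        if name not in ALLOWED_SWITCHES:
            raise RejectedLaunchArg(f"switch not on allow-list: {name}")
        pattern = ALLOWED_SWITCHES[name]
        if pattern is None and value is not None:
            raise RejectedLaunchArg(f"{name} takes no value")
        if pattern is not None and (value is None or not pattern.fullmatch(value)):
            raise RejectedLaunchArg(f"bad value for {name}: {value!r}")
        accepted.append(raw)
    return accepted


def extra_args_are_acceptable(extra_args: list) -> bool:
    """Boolean wrapper for request handlers that prefer a 400 over an exception."""
    try:
        validate_extra_args(extra_args)
        return True
    except RejectedLaunchArg:
        return False
```

The validator belongs in the API request handler, before the configuration is handed to the browser launcher, and it complements rather than replaces authentication on the Docker API server, which the advisory names as the precondition for exploitation.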