In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Server-side Request Forgery (SSRF) vulnerabilities in an interactive lesson.
Start learningUpgrade @aborruso/ckan-mcp-server to version 0.4.106 or higher.
@aborruso/ckan-mcp-server is a MCP server for interacting with CKAN open data portals
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the validateServerUrl hostname check in src/utils/http.ts. An attacker can make the server send outbound requests to loopback or private services by supplying a server_url that resolves to ::1, such as ip6-localhost or ip6-loopback, while still passing the hostname filter. This lets a remote MCP caller reach internal endpoints that were meant to be blocked and receive response-derived data from CKAN-shaped requests, exposing local or private resources to the caller.
Notes
/etc/hosts such as ip6-localhost and ip6-loopback can resolve to ::1 even though they are not literal loopback addresses, so deployments that rely on name-based blocking were still exposed.server_url/base_url validation is used by tools that make outbound HTTP requests, not just the single call site named in the draft.Workarounds
server_url/base_url values to CKAN tools such as ckan_package_search and sparql_query; restrict those parameters to trusted users or remove access to the tools entirely, which prevents the SSRF path from being used to reach loopback or private services.