In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Crawl4AI to version 0.8.8 or higher.
Crawl4AI is a 🚀🤖 Crawl4AI: Open-source LLM Friendly Web Crawler & scraper
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the base_url parameter in API requests and the resolution of environment variables in the LLM configuration process. An attacker can obtain sensitive server-held secrets, such as provider API keys or authentication tokens, by supplying a malicious base_url or referencing protected environment variables in the request.