Crawl4AI <=0.4.247 is vulnerable to SSRF in /crawl4ai/async_dispatcher.py.
References
Link | Resource |
---|---|
https://gist.github.com/AndrewDzzz/f49e79b09ce0643ee1fc2a829e8875e0 | Third Party Advisory |
Configurations
History
23 Jun 2025, 19:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/AndrewDzzz/f49e79b09ce0643ee1fc2a829e8875e0 - Third Party Advisory | |
First Time |
Kidocode crawl4ai
Kidocode |
|
CPE | cpe:2.3:a:kidocode:crawl4ai:*:*:*:*:*:*:*:* |
22 Apr 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-918 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
18 Apr 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-18 20:15
Updated : 2025-06-23 19:49
NVD link : CVE-2025-28197
Mitre link : CVE-2025-28197
CVE.ORG link : CVE-2025-28197
JSON object : View
Products Affected
kidocode
- crawl4ai
CWE
CWE-918
Server-Side Request Forgery (SSRF)